- home
- reviews
- news
- downloads
- cnet tv
On mySimon: Karen Scott "Benedict" Slingback Pump
- log in
- join CNET
- welcome,
- my profile
- log out

Comments on: Another QuickTime RTSP flaw announced

This QuickTime buffer overflow vulnerability appears to be different from a similar vulnerability patched by Apple in December 2007.

Add a Comment (Log in or register) (5 Comments)

Assume the protocol is flawed

by mjm01010101 January 11, 2008 12:44 PM PST

There has been a vuln found in quicktime every month ever since release. Assume the protocol and player are therefore flawed.

Like this Reply to this comment

flawed assumption
by sjkx January 11, 2008 1:01 PM PST: Just because a protocol has security vulnerabilities doesn't imply
it's flawed, especially if it wasn't designed to be secure. Using your
"logic" many Internet protocols (including TCP and IP) are flawed.; Like this View reply Hide reply
Processing

RTSP is the industry accepted standard (even for MS!)
by Ilgaz January 11, 2008 1:57 PM PST: The "Protocol" isn't flawed, its implementation (one of many!) has
issue. If Apple acts late again, whole web will be full of "uninstall
quicktime" advices which will hurt many things such as
mpeg4/h264 standard adoption.; Like this

Apple said "Sometime in Early 2008"....
by fred dunn January 15, 2008 6:44 AM PST: What a real help. It appears they are more concerned with showing new products and Steve Job's ego than with security.; Like this Reply to this comment

(5 Comments)

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.