QuickTime 7.5.5 / ITunes 8.0 Remote Heap Overflow Crash Exploit(情報元のブックマーク数)

Quicktime7.5.5とItunes 8.0への脆弱性へのExploitらしいです。あれ?最新版に脆弱性

やっぱり、Zero-Dayみたいです。

###############################################################################
# Quicktime7.5.5/Itunes 8.0 Remote Heap Overflow Crash
# Vendor: http://www.apple.com/
# Risk : high
#
# The "" tag fail to handle long strings, which can lead to a heap overflow in Quicktime/Itunes media player.
# This bug can be remote or local, Quicktime/Itunes parse any supplied file for a reconized header even if the header is not corresponding
# to the filetype, so you can put some xml in a mp4, mov,etc and open it with quicktime or you can do the same in some html page leading to a
# remote crash on firefox, IE and any browser using the Quicktime plugin.
# Code execution may be possible.

http://www.milw0rm.com/exploits/6471

screenshot