Comments on: Beware: Second Life viewer flaw http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/ Coverage of news, issues and events occurring in virtual worlds or those who create those worlds Wed, 17 Mar 2010 10:03:25 +1100 http://wordpress.org/?v=2.9.1 hourly 1 By: Dogma http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/comment-page-1/#comment-18909 Dogma Mon, 03 Dec 2007 04:25:47 +0000 http://www.sloz.info/2007/12/01/beware-second-life-viewer-flaw/#comment-18909 Yes I understood that too, but I find it equally important too alert people that it is not in SL itself the problem arises, you could be hit by malicious code in Opera,IE, FireFox ... any browser Using Apple Quicktime while streaming from an RSTP source is where the exploit happen, by triggering code from a stack overflow. So I just wanted too point out that it is not just when being in SL, streaming video could compromise your computer. Yes I understood that too, but I find it equally important too alert people that it is not in SL itself the problem arises, you could be hit by malicious code in Opera,IE, FireFox … any browser Using Apple Quicktime while streaming from an RSTP source is where the exploit happen, by triggering code from a stack overflow.

So I just wanted too point out that it is not just when being in SL, streaming video could compromise your computer.

]]> By: Dogma http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/comment-page-1/#comment-135803 Dogma Mon, 03 Dec 2007 04:25:47 +0000 http://www.sloz.info/2007/12/01/beware-second-life-viewer-flaw/#comment-135803 Yes I understood that too, but I find it equally important too alert people that it is not in SL itself the problem arises, you could be hit by malicious code in Opera,IE, FireFox ... any browser Using Apple Quicktime while streaming from an RSTP source is where the exploit happen, by triggering code from a stack overflow.<br><br>So I just wanted too point out that it is not just when being in SL, streaming video could compromise your computer. Yes I understood that too, but I find it equally important too alert people that it is not in SL itself the problem arises, you could be hit by malicious code in Opera,IE, FireFox … any browser Using Apple Quicktime while streaming from an RSTP source is where the exploit happen, by triggering code from a stack overflow.

So I just wanted too point out that it is not just when being in SL, streaming video could compromise your computer.

]]> By: Lowell Cremorne http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/comment-page-1/#comment-18792 Lowell Cremorne Sat, 01 Dec 2007 12:18:42 +0000 http://www.sloz.info/2007/12/01/beware-second-life-viewer-flaw/#comment-18792 Hi Dogma - you're right that QuickTIme is the culprit. My heads-up was purely to warn SL users that using their viewer contained risk at this stage until they turn off video streaming ;) Hi Dogma – you’re right that QuickTIme is the culprit. My heads-up was purely to warn SL users that using their viewer contained risk at this stage until they turn off video streaming ;)

]]> By: Lowell Cremorne http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/comment-page-1/#comment-135802 Lowell Cremorne Sat, 01 Dec 2007 12:18:42 +0000 http://www.sloz.info/2007/12/01/beware-second-life-viewer-flaw/#comment-135802 Hi Dogma - you're right that QuickTIme is the culprit. My heads-up was purely to warn SL users that using their viewer contained risk at this stage until they turn off video streaming ;) Hi Dogma – you’re right that QuickTIme is the culprit. My heads-up was purely to warn SL users that using their viewer contained risk at this stage until they turn off video streaming ;)

]]> By: Dogma http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/comment-page-1/#comment-18790 Dogma Sat, 01 Dec 2007 11:44:05 +0000 http://www.sloz.info/2007/12/01/beware-second-life-viewer-flaw/#comment-18790 "Testing indicates that QuickTime versions 4.0 through 7.3 are vulnerable on all supported Mac and Windows platforms." “Testing indicates that QuickTime versions 4.0 through 7.3 are vulnerable on all supported Mac and Windows platforms.”

]]> By: Dogma http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/comment-page-1/#comment-135801 Dogma Sat, 01 Dec 2007 11:44:05 +0000 http://www.sloz.info/2007/12/01/beware-second-life-viewer-flaw/#comment-135801 "Testing indicates that QuickTime versions 4.0 through 7.3 are vulnerable on all supported Mac and Windows platforms." “Testing indicates that QuickTime versions 4.0 through 7.3 are vulnerable on all supported Mac and Windows platforms.”

]]> By: Dogma http://www.metaversejournal.com/2007/12/01/beware-second-life-viewer-flaw/comment-page-1/#comment-18789 Dogma Sat, 01 Dec 2007 11:41:15 +0000 http://www.sloz.info/2007/12/01/beware-second-life-viewer-flaw/#comment-18789 Attention! If you are reporting on security flaws maybe you should get your facts straight before. This is not Linden Labs Issue, it's an issue with the code of Apple Quicktime, hence you can be hit with this streaming video from any malicious webpage with quicktime on MAC OSX or XP SP2, not only in SecondLife. http://www.kb.cert.org/vuls/id/659761 Attention! If you are reporting on security flaws maybe you should get your facts straight before. This is not Linden Labs Issue, it’s an issue with the code of Apple Quicktime, hence you can be hit with this streaming video from any malicious webpage with quicktime on MAC OSX or XP SP2, not only in SecondLife.

http://www.kb.cert.org/vuls/id/659761

]]>