Geoff Beier

Name of the Vulnerable Software and Affected Versions: QuickTime for Java versions 10.4 through 10.4.8 Description: The issue allows remote attackers to obtain sensitive information, specifically screen images, via a Java applet. This occurs when QuickTime for Java is used with Quartz Composer and accesses images being rendered by other embedded QuickTime objects. Recommendations: For versions 10.4 through 10.4.8, consider disabling the use of Java applets with Quartz Composer to minimize the risk of exploitation. Restrict access to sensitive information and screen images to prevent unauthorized access.