Tuesday, February 26, 2008

QuickTime Exploit in Second Life

Charlie Miller of Independent Security Evaluators, and Dino Dai Zovi demonstrated an RTSP tunneling exploit in Second Life at the ShmooCon, a computer hacking conference. The demo is an exploit that will steal money from Second Life users.

Link here

1 comment:

Javahawk said...

Sounds like unless quicktime fixes their problem, the only solution linden labs may have to fix the exploit is to either remove this feature, or allow the user to download it to client before playing, instead of streaming from whatever sever this media is on.