Researchers at Independent Security Evaluators, during a presentation at SchmooCon , demonstrated how an attacker could steal money from people in SecondLife thanks to a QuickTime flaw.
Miller and Zovi are both experienced with flaws within Apple products. Miller published the first Apple iPhone flaw shortly after its release. At last year's CanSecWest security conference, Zovi exploited a QuickTime flaw to win a "PWN to Own" hack-a-Mac contest. While Second Life does not install QuickTime, it invites users to install the player if they want to see multimedia files within Second Life.
[H]ard|OCP - www.hardocp.com
[H]ard|OCP - www.hardocp.com