CVE-2007-6166 (GCVE-0-2007-6166)

Vulnerability from cvelistv5

Published

2007-11-29 01:00

Modified

2024-08-07 15:54

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307176
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
cve@mitre.org	http://secunia.com/advisories/27755	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/29182	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200803-08.xml
cve@mitre.org	http://securityreason.com/securityalert/3410
cve@mitre.org	http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
cve@mitre.org	http://www.kb.cert.org/vuls/id/659761	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/26549
cve@mitre.org	http://www.securityfocus.com/bid/26560
cve@mitre.org	http://www.securitytracker.com/id?1018989
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-334A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3984	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38604
cve@mitre.org	https://www.exploit-db.com/exploits/4648
cve@mitre.org	https://www.exploit-db.com/exploits/6013
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307176
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27755	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29182	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200803-08.xml
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3410
af854a3a-2127-422b-91ae-364da2661108	http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/659761	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26549
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26560
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018989
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-334A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3984	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38604
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/4648
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/6013

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.985Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26549",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26549"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
          },
          {
            "name": "3410",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3410"
          },
          {
            "name": "4648",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4648"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307176"
          },
          {
            "name": "APPLE-SA-2007-12-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
          },
          {
            "name": "GLSA-200803-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
          },
          {
            "name": "26560",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26560"
          },
          {
            "name": "TA07-334A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
          },
          {
            "name": "VU#659761",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/659761"
          },
          {
            "name": "quicktime-rtsp-contenttype-bo(38604)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
          },
          {
            "name": "6013",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6013"
          },
          {
            "name": "ADV-2007-3984",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3984"
          },
          {
            "name": "27755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27755"
          },
          {
            "name": "29182",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29182"
          },
          {
            "name": "1018989",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018989"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26549",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26549"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
        },
        {
          "name": "3410",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3410"
        },
        {
          "name": "4648",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4648"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307176"
        },
        {
          "name": "APPLE-SA-2007-12-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
        },
        {
          "name": "GLSA-200803-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
        },
        {
          "name": "26560",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26560"
        },
        {
          "name": "TA07-334A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
        },
        {
          "name": "VU#659761",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/659761"
        },
        {
          "name": "quicktime-rtsp-contenttype-bo(38604)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
        },
        {
          "name": "6013",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6013"
        },
        {
          "name": "ADV-2007-3984",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3984"
        },
        {
          "name": "27755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27755"
        },
        {
          "name": "29182",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29182"
        },
        {
          "name": "1018989",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018989"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6166",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26549",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26549"
            },
            {
              "name": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control",
              "refsource": "MISC",
              "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
            },
            {
              "name": "3410",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3410"
            },
            {
              "name": "4648",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4648"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307176",
              "refsource": "MISC",
              "url": "http://docs.info.apple.com/article.html?artnum=307176"
            },
            {
              "name": "APPLE-SA-2007-12-13",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
            },
            {
              "name": "GLSA-200803-08",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
            },
            {
              "name": "26560",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26560"
            },
            {
              "name": "TA07-334A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
            },
            {
              "name": "VU#659761",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/659761"
            },
            {
              "name": "quicktime-rtsp-contenttype-bo(38604)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
            },
            {
              "name": "6013",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6013"
            },
            {
              "name": "ADV-2007-3984",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3984"
            },
            {
              "name": "27755",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27755"
            },
            {
              "name": "29182",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29182"
            },
            {
              "name": "1018989",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018989"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6166",
    "datePublished": "2007-11-29T01:00:00",
    "dateReserved": "2007-11-28T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.985Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-6166\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-11-29T01:46:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Apple QuickTime anterior a la versi\u00f3n 7.3.1, como es usado en QuickTime Player en Windows XP y Safari en Mac OS X, permite a servidores remotos de Real Time Streaming Protocol (RTSP) ejecutar c\u00f3digo arbitrario por medio de una respuesta RTSP con un encabezado Content-Type largo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.3\",\"matchCriteriaId\":\"E24B999C-BF13-4379-A8FF-A4C831C97453\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EE08FAE-0862-4C36-95BC-878B04CBF397\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8F310A8-F760-4059-987D-42369F360DE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71BC599-FCBE-4F1F-AA24-41AF91F82226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41473E1D-B988-4312-B16B-D340508DD473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC2EBC0-F2A6-4709-9A27-CF63BC578744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"844E1B14-A13A-47F1-9C82-02EAEED1A911\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80747BDD-70E9-4E74-896F-C79D014F1B2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA1E140B-BCB4-4B3C-B287-E9E944E08DB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2CE0B67-0794-472D-A2C0-CC5CA0E36370\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8692B488-129A-49EA-AF84-6077FCDBB898\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1758610B-3789-489E-A751-386D605E5A08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B535737C-BF32-471C-B26A-588632FCC427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF2C61F8-B376-40F9-8677-CADCC3295915\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6254BB56-5A25-49DC-A851-3CCA249BD71D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"795E3354-7824-4EF4-A788-3CFEB75734E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9419A1E9-A0DA-4846-8959-BE50B53736E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"952A8015-B18B-481C-AC17-60F0D7EEE085\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E518B27-A79B-43A4-AFA6-E59EF8E944D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEC6EF36-93B3-49BB-9A6F-1990E3F4170E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C9B657-5484-4458-861E-D6FB5019265A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3852BB02-47A1-40B3-8E32-8D8891A53114\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B339C33-8896-4896-88FF-88E74FDBC543\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE370CAA-04B3-434E-BD5B-1D87DE596C10\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"786BB737-EA99-4EC6-B742-0C35BF2453F9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2442D35-7484-43D8-9077-3FDF63104816\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC90AA12-DD17-4607-90CB-E342E83F20BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F3E721C-00CA-4D51-B542-F2BC5C0D65BF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3267A41-1AE0-48B8-BD1F-DEC8A212851A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"855288F1-0242-4951-AB3F-B7AF13E21CF6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10082781-B93E-4B84-94F2-FA9749B4D92B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1EBF04-C440-4A6B-93F2-DC3A812728C2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFB077A2-927B-43AF-BFD5-0E78648C9394\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2398ADC8-A106-462E-B9AE-F8AF800D0A3C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1335E35A-D381-4056-9E78-37BC6DF8AD98\"}]}]}],\"references\":[{\"url\":\"http://docs.info.apple.com/article.html?artnum=307176\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27755\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29182\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200803-08.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/3410\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/659761\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/26549\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26560\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1018989\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-334A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3984\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38604\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/4648\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/6013\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27755\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200803-08.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/3410\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/659761\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/26549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26560\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018989\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-334A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3984\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/38604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/4648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/6013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-mrqv-c428-3hfp

Vulnerability from github

Published

2022-05-01 18:40

Modified

2022-05-01 18:40

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-6166"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-11-29T01:46:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.",
  "id": "GHSA-mrqv-c428-3hfp",
  "modified": "2022-05-01T18:40:07Z",
  "published": "2022-05-01T18:40:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-6166"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/4648"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/6013"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=307176"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27755"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29182"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3410"
    },
    {
      "type": "WEB",
      "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/659761"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26549"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26560"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018989"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3984"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2007-6166

Vulnerability from fkie_nvd

Published

2007-11-29 01:46

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307176
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
cve@mitre.org	http://secunia.com/advisories/27755	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/29182	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200803-08.xml
cve@mitre.org	http://securityreason.com/securityalert/3410
cve@mitre.org	http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
cve@mitre.org	http://www.kb.cert.org/vuls/id/659761	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/26549
cve@mitre.org	http://www.securityfocus.com/bid/26560
cve@mitre.org	http://www.securitytracker.com/id?1018989
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-334A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3984	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38604
cve@mitre.org	https://www.exploit-db.com/exploits/4648
cve@mitre.org	https://www.exploit-db.com/exploits/6013
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307176
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27755	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29182	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200803-08.xml
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3410
af854a3a-2127-422b-91ae-364da2661108	http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/659761	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26549
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26560
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018989
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-334A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3984	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38604
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/4648
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/6013

Impacted products

Vendor	Product	Version
apple	quicktime	*
apple	quicktime	-
apple	quicktime	3.0
apple	quicktime	4.1.2
apple	quicktime	5.0
apple	quicktime	5.0.1
apple	quicktime	5.0.2
apple	quicktime	6.0
apple	quicktime	6.1
apple	quicktime	6.5
apple	quicktime	6.5.1
apple	quicktime	6.5.2
apple	quicktime	7.0
apple	quicktime	7.0.1
apple	quicktime	7.0.2
apple	quicktime	7.0.3
apple	quicktime	7.0.4
apple	quicktime	7.1
apple	quicktime	7.1.1
apple	quicktime	7.1.2
apple	quicktime	7.1.3
apple	quicktime	7.1.4
apple	quicktime	7.1.5
apple	quicktime	7.1.6
apple	quicktime	7.2
microsoft	windows_vista	*
microsoft	windows_xp	*
apple	safari	*
apple	mac_os_x	10.3.9
apple	mac_os_x	10.4.9
apple	mac_os_x	10.5
apple	mac_os_x	10.5.0
apple	mac_os_x	10.5.1
apple	mac_os_x	10.5.2
apple	mac_os_x	10.5.3
apple	mac_os_x	10.5.4
apple	mac_os_x	10.5.5
apple	mac_os_x	10.5.6
apple	mac_os_x	10.5.7
apple	mac_os_x	10.5.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24B999C-BF13-4379-A8FF-A4C831C97453",
              "versionEndIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE08FAE-0862-4C36-95BC-878B04CBF397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71BC599-FCBE-4F1F-AA24-41AF91F82226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41473E1D-B988-4312-B16B-D340508DD473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCC2EBC0-F2A6-4709-9A27-CF63BC578744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "844E1B14-A13A-47F1-9C82-02EAEED1A911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80747BDD-70E9-4E74-896F-C79D014F1B2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA1E140B-BCB4-4B3C-B287-E9E944E08DB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CE0B67-0794-472D-A2C0-CC5CA0E36370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "98C9B657-5484-4458-861E-D6FB5019265A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Apple QuickTime anterior a la versi\u00f3n 7.3.1, como es usado en QuickTime Player en Windows XP y Safari en Mac OS X, permite a servidores remotos de Real Time Streaming Protocol (RTSP) ejecutar c\u00f3digo arbitrario por medio de una respuesta RTSP con un encabezado Content-Type largo."
    }
  ],
  "id": "CVE-2007-6166",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-11-29T01:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307176"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27755"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29182"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3410"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/659761"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26549"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26560"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018989"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3984"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/4648"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/6013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3410"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/659761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018989"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/4648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/6013"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Une vulnérabilité a été identifiée dans le logiciel multimédia Apple QuickTime. Ce dernier ne manipule pas correctement un champ dans l'en-tête des réponses retournées par le serveur de flux RTSP. Une personne malveillante pourrait inciter un utilisateur à se rendre sur un tel serveur, ce qui pourrait alors perturber son système ou permettre à l'attaquant d'exécuter des commandes arbitraires.

Description

Une vulnérabilité a été identifiée dans le logiciel multimédia Apple QuickTime. Ce dernier ne manipulerait pas correctement un champ dans l'en-tête des réponses retournées par le serveur de flux RTSP.

RTSP (pour Real Time Streaming Protocol) est un protocole permettant d'établir et de contrôler des flux synchronisés de médias continus (streaming), qu'ils soient audio ou vidéo. Il est conceptuellement très proche de HTTP : il est à état et utilise la notion de session.

Lorsque le client envoie une requête au serveur, ce dernier retourne une réponse, avec un champ Content-Type.

Apple QuickTime n'interpréterait pas correctement la valeur de ce champ. Cette vulnérabilité peut ainsi être exploitée par une personne distante, qui aura pris soin de mettre en place un serveur de flux répondant par cette vulnérabilité. L'utilisateur amené à récupérer le flux multimédia, par un lien par exemple provoquera le dysfonctionnement, voire l'exécution de code arbitraire sur son sytème vulnérable.

Contournement provisoire

5.1 De manière générale

Il est préférable, dans l'attente d'un correctif, d'utiliser un lecteur multimédia alternatif.

L'administrateur du réseau peut également vérifier que les flux sortants TCP/UDP vers le port 554 sont bloqués. Ces ports sont ceux par défaut attribués au protocole Real Time Streaming Protocol, mais peuvent être changés et remplacés par n'importe quel autre port convenu côté serveur et côté client. Cette mesure n'est donc pas suffisante.

Les navigateurs offrent également la possibilité de désactiver les modules ou plugins.

Les recommandations standards s'appliquent toujours : l'interprétation de codes dynamiques comme Javascript doit être désactivée par défaut.

5.2 Sous Microsoft Windows :

Désactiver la prise en charge des liens rtsp:// dans Quicktime en décochant la case
Préférences de Quicktime -> Types de fichiers -> Diffusion -> Descripteur de flux RTSP ;
Désactiver l'association faite entre le type de fichier et QuickTime, en supprimant les clés de registre de la forme
HKEY_CLASSES_ROOT/TT>

5.3 Sous Apple MacOS X :

Désactiver la prise en charge des liens rtsp:// dans QuickTime en décochant la case
Préférences de Quicktime -> Avancé -> Réglages MIME -> Diffusion -> Descripteur de flux RTSP ;

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	La version 7.5 d'Apple iTunes ainsi que les versions antérieures.
	Apple	N/A	La version 7.3 d'Apple QuickTime ainsi que les versions antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité de l'US-CERT VU#659761 du 24 novembre 2007	None	vendor-advisory
Désinstaller des modules ou plugins sous Mozilla :	-	other
Site de téléchargement d'Apple QuickTime :	-	other
Note de vulnérabilité de l'US-CERT VU#659761 du 24 novembre 2007 :	-	other
Bulletin de sécurité QuickTime du 13 décembre 2007 :	-	other
Alerte CERTA-2007-ALE-001 du 04 janvier 2007 :	-	other
RFC 2326, "Real Time Streaming Protocol" :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "La version 7.5 d\u0027Apple iTunes ainsi que les versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "La version 7.3 d\u0027Apple QuickTime ainsi que les versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2007-12-14",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le logiciel multim\u00e9dia Apple\nQuickTime. Ce dernier ne manipulerait pas correctement un champ dans\nl\u0027en-t\u00eate des r\u00e9ponses retourn\u00e9es par le serveur de flux RTSP.\n\nRTSP (pour Real Time Streaming Protocol) est un protocole permettant\nd\u0027\u00e9tablir et de contr\u00f4ler des flux synchronis\u00e9s de m\u00e9dias continus\n(streaming), qu\u0027ils soient audio ou vid\u00e9o. Il est conceptuellement tr\u00e8s\nproche de HTTP : il est \u00e0 \u00e9tat et utilise la notion de session.\n\nLorsque le client envoie une requ\u00eate au serveur, ce dernier retourne une\nr\u00e9ponse, avec un champ Content-Type.\n\nApple QuickTime n\u0027interpr\u00e9terait pas correctement la valeur de ce champ.\nCette vuln\u00e9rabilit\u00e9 peut ainsi \u00eatre exploit\u00e9e par une personne distante,\nqui aura pris soin de mettre en place un serveur de flux r\u00e9pondant par\ncette vuln\u00e9rabilit\u00e9. L\u0027utilisateur amen\u00e9 \u00e0 r\u00e9cup\u00e9rer le flux multim\u00e9dia,\npar un lien par exemple provoquera le dysfonctionnement, voire\nl\u0027ex\u00e9cution de code arbitraire sur son syt\u00e8me vuln\u00e9rable.\n\n## Contournement provisoire\n\n## 5.1 De mani\u00e8re g\u00e9n\u00e9rale\n\nIl est pr\u00e9f\u00e9rable, dans l\u0027attente d\u0027un correctif, d\u0027utiliser un lecteur\nmultim\u00e9dia alternatif.\n\nL\u0027administrateur du r\u00e9seau peut \u00e9galement v\u00e9rifier que les flux sortants\nTCP/UDP vers le port 554 sont bloqu\u00e9s. Ces ports sont ceux par d\u00e9faut\nattribu\u00e9s au protocole Real Time Streaming Protocol, mais peuvent \u00eatre\nchang\u00e9s et remplac\u00e9s par n\u0027importe quel autre port convenu c\u00f4t\u00e9 serveur\net c\u00f4t\u00e9 client. Cette mesure n\u0027est donc pas suffisante.\n\nLes navigateurs offrent \u00e9galement la possibilit\u00e9 de d\u00e9sactiver les\nmodules ou plugins.\n\nLes recommandations standards s\u0027appliquent toujours : l\u0027interpr\u00e9tation\nde codes dynamiques comme Javascript doit \u00eatre d\u00e9sactiv\u00e9e par d\u00e9faut.\n\n## 5.2 Sous Microsoft Windows :\n\n-   D\u00e9sactiver la prise en charge des liens rtsp:// dans Quicktime en\n    d\u00e9cochant la case  \n    Pr\u00e9f\u00e9rences de Quicktime -\\\u003e Types de fichiers -\\\u003e Diffusion -\\\u003e\n    Descripteur de flux RTSP ;\n-   D\u00e9sactiver l\u0027association faite entre le type de fichier et\n    QuickTime, en supprimant les cl\u00e9s de registre de la forme  \n    HKEY_CLASSES_ROOT/TT\\\u003e\n\n## 5.3 Sous Apple MacOS X :\n\n-   D\u00e9sactiver la prise en charge des liens rtsp:// dans QuickTime en\n    d\u00e9cochant la case  \n    Pr\u00e9f\u00e9rences de Quicktime -\\\u003e Avanc\u00e9 -\\\u003e R\u00e9glages MIME -\\\u003e Diffusion\n    -\\\u003e Descripteur de flux RTSP ;\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-0015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0015"
    },
    {
      "name": "CVE-2007-6166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6166"
    }
  ],
  "initial_release_date": "2007-11-27T00:00:00",
  "last_revision_date": "2007-12-14T00:00:00",
  "links": [
    {
      "title": "D\u00e9sinstaller des modules ou plugins sous Mozilla :",
      "url": "http://plugindoc.mozdev.org/faqs/uninstall.html"
    },
    {
      "title": "Site de t\u00e9l\u00e9chargement d\u0027Apple QuickTime :",
      "url": "http://www.apple.com/quicktime/"
    },
    {
      "title": "Note de vuln\u00e9rabilit\u00e9 de l\u0027US-CERT VU#659761 du 24 novembre    2007 :",
      "url": "http://www.kb.cert.org/vuls/id/659761"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 QuickTime du 13 d\u00e9cembre 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=307176"
    },
    {
      "title": "Alerte CERTA-2007-ALE-001 du 04 janvier 2007 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ALE-001/"
    },
    {
      "title": "RFC 2326, \"Real Time Streaming Protocol\" :",
      "url": "http://tools.ietf.org/html/rfc2326"
    }
  ],
  "reference": "CERTA-2007-ALE-017",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-11-27T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 QuickTime.",
      "revision_date": "2007-12-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le logiciel multim\u00e9dia Apple\nQuickTime. Ce dernier ne manipule pas correctement un champ dans\nl\u0027en-t\u00eate des r\u00e9ponses retourn\u00e9es par le serveur de flux RTSP. Une\npersonne malveillante pourrait inciter un utilisateur \u00e0 se rendre sur un\ntel serveur, ce qui pourrait alors perturber son syst\u00e8me ou permettre \u00e0\nl\u0027attaquant d\u0027ex\u00e9cuter des commandes arbitraires.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans la gestion RTSP d\u0027Apple QuickTime",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 de l\u0027US-CERT VU#659761 du 24 novembre 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-544

Vulnerability from certfr_avis

De multiples vulnérabilités dans Apple QuickTime permettent d'effectuer un déni de service ou d'exécuter du code arbitraire à distance.

Description

De multiples vulnérabilités affectent QuickTime :

la première, CVE-2007-6166, décrite dans l'alerte CERTA-2007-ALE-017 concerne la prise en charge des flux RTSP ;
la seconde, CVE-2007-4706, concerne la gestion des fichiers de liens QuickTime (possédant l'extension QTL). Cette vulnérabilité pourrait permettre à un utilisateur distant d'exécuter du code arbitraire ou de réaliser un déni de service par le biais d'un débordement de mémoire ;
la dernière, CVE-2007-4707, concerne le composant Flash media handler de QuickTime. Ce composant est sujet à de multiples vulnérabilités dont certaines permettent à un utilisateur distant d'exécuter du code arbitraire. Le correctif fournit par Apple consiste à n'activer ce composant que pour des vidéos existantes et de confiance au format QuickTime.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	Apple QuickTime versions antérieures à 7.3.1.

References

Title

Publication Time

Tags

Bulletin de sécurité QuickTime du 13 décembre 2007	None	vendor-advisory
Alerte du CERTA CERTA-2007-ALE-017 du 27 novembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple QuickTime versions ant\u00e9rieures \u00e0 7.3.1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s affectent QuickTime :\n\n-   la premi\u00e8re, CVE-2007-6166, d\u00e9crite dans l\u0027alerte CERTA-2007-ALE-017\n    concerne la prise en charge des flux RTSP ;\n-   la seconde, CVE-2007-4706, concerne la gestion des fichiers de liens\n    QuickTime (poss\u00e9dant l\u0027extension QTL). Cette vuln\u00e9rabilit\u00e9 pourrait\n    permettre \u00e0 un utilisateur distant d\u0027ex\u00e9cuter du code arbitraire ou\n    de r\u00e9aliser un d\u00e9ni de service par le biais d\u0027un d\u00e9bordement de\n    m\u00e9moire ;\n-   la derni\u00e8re, CVE-2007-4707, concerne le composant Flash media\n    handler de QuickTime. Ce composant est sujet \u00e0 de multiples\n    vuln\u00e9rabilit\u00e9s dont certaines permettent \u00e0 un utilisateur distant\n    d\u0027ex\u00e9cuter du code arbitraire. Le correctif fournit par Apple\n    consiste \u00e0 n\u0027activer ce composant que pour des vid\u00e9os existantes et\n    de confiance au format QuickTime.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-4706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4706"
    },
    {
      "name": "CVE-2007-4707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4707"
    },
    {
      "name": "CVE-2007-6166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6166"
    }
  ],
  "initial_release_date": "2007-12-14T00:00:00",
  "last_revision_date": "2007-12-14T00:00:00",
  "links": [
    {
      "title": "Alerte du CERTA CERTA-2007-ALE-017 du 27 novembre 2007 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ALE-017/"
    }
  ],
  "reference": "CERTA-2007-AVI-544",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Apple QuickTime permettent d\u0027effectuer\nun d\u00e9ni de service ou d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s d\u0027Apple QuickTime",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 QuickTime du 13 d\u00e9cembre 2007",
      "url": "http://docs.info.apple.com/article.html?artnum=307176"
    }
  ]
}

var-200711-0065

Vulnerability from variot

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. Apple QuickTime RTSP of Content-Type A stack buffer overflow vulnerability exists in the handling of headers. Winodws Plate and Mac Edition QuickTime Are affected by this vulnerability. Also, iTunes Such QuickTime Systems that have installed software that uses Microsoft are also affected by this vulnerability. In addition, verification code that exploits this vulnerability has already been published.Crafted by a remote third party RTSP stream Arbitrary code could be executed when a user connects to. This issue occurs when handling specially crafted RTSP Response headers. Attackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions. UPDATE (December 4, 2007): Attackers are exploiting this issue through the Second Life Viewer to steal Linden dollars from unsuspecting victims. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats.

I. Most versions of QuickTime prior to and including 7.3 running on all supported Apple Mac OS X and Microsoft Windows platforms are vulnerable.

An attacker could exploit this vulnerability by convincing a user to access a specially crafted HTML document such as a web page or email message. The HTML document could use a variety of techniques to cause QuickTime to load a specially crafted RTSP stream. Common web browsers, including Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari can be used to pass RTSP streams to QuickTime, exploit the vulnerability, and execute arbitrary code.

Exploit code for this vulnerability was first posted publicly on November 25, 2007.

II.

III. To block attack vectors, consider the following workarounds.

Block the rtsp:// protocol

Using a proxy or firewall capable of recognizing and blocking RTSP traffic can mitigate this vulnerability. Known public exploit code for this vulnerability uses the default RTSP port 554/tcp, however RTSP can use a variety of ports.

Disable file association for QuickTime files

Disable the file association for QuickTime file types. This can be accomplished by deleting the following registry keys: HKEY_CLASSES_ROOT\QuickTime.*

This will remove the association for approximately 32 file types that are configured to open with QuickTime Player.

Disable the QuickTime ActiveX controls in Internet Explorer

The QuickTime ActiveX controls can be disabled in Internet Explorer by setting the kill bit for the following CLSIDs: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} {4063BE15-3B08-470D-A0D5-B37161CFFD69}

More information about how to set the kill bit is available in Microsoft Knolwedgebase Article 240797. Alternatively, the following text can be saved as a .REG file and imported to set the kill bit for these controls:

Windows Registry Editor Version 5.00

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
   Compatibility\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}]
   "Compatibility Flags"=dword:00000400

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
   Compatibility\{4063BE15-3B08-470D-A0D5-B37161CFFD69}]
   "Compatibility Flags"=dword:00000400

Disable the QuickTime plug-in for Mozilla-based browsers

Users of Mozilla-based browsers, such as Firefox can disable the QuickTime plugin, as specified in the PluginDoc article Uninstalling Plugins.

Disable JavaScript

For instructions on how to disable JavaScript, please refer to the Securing Your Web Browser document. This can help prevent some attack techniques that use the QuickTime plug-in or ActiveX control.

Secure your web browser

To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser.

Do not access QuickTime files from untrusted sources

Do not open QuickTime files from any untrusted sources, including unsolicited files or links received in email, instant messages, web forums, or internet relay chat (IRC) channels.

References

US-CERT Vulnerability Note VU#659761 - http://www.kb.cert.org/vuls/id/659761
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
Mozilla Uninstalling Plugins - http://plugindoc.mozdev.org/faqs/uninstall.html
How to stop an ActiveX control from running in Internet Explorer - http://support.microsoft.com/kb/240797
IETF RFC 2326 Real Time Streaming Protocol - http://tools.ietf.org/html/rfc2326

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA07-334A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA07-334A Feedback VU#659761" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2007 by US-CERT, a government organization.

 <http://www.us-cert.gov/legal.html>

Revision History

November 30, 2007: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBR1ArKvRFkHkM87XOAQJg7wf/X4wAipFWO2ZJ5MdPzTwzE+x1OUIJxenP cFuLApajAMZ33yAyTTjA0sYhKveYhxSwqQTetEPiAWp5r/KPkJL5ugkeSvtzbAgf U6rsCICcRpjPJ7IjqsW/u6Hk2PBVqWwgip+FhZG5J5mjRPUdRr3JbmKlsEm/XDxi +ENxwrAgcoQHkLn76xn/9+1vTbI3zxi0GoyAR+GIFzs+Fsn+LazMCCrDI4ltPMnS c+Qpa3/qkOC+svz63yyHBjhq6eT2HQBP/X/50syweUOf4SrpDOdexX+mRPr03i6+ 9byGzjid5sObMAbpH1AzCtiDB56ai3zf+G5qV0uK2ziXihvNEn7JKA== =Jc+L -----END PGP SIGNATURE----- .

2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published

How do you know which Secunia advisories are important to you?

The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. tricked into opening a malicious QTL file or visiting a malicious web site.

The vulnerability is confirmed in version 7.3.

SOLUTION: Do not browse untrusted websites, follow untrusted links, nor open untrusted QTL files.

PROVIDED AND/OR DISCOVERED BY: h07

ORIGINAL ADVISORY: http://www.milw0rm.com/exploits/4648

OTHER REFERENCES: VU#659761: http://www.kb.cert.org/vuls/id/659761

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. ----------------------------------------------------------------------

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Note: This update removes the affected binary Quicktime library. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Gentoo Linux Security Advisory GLSA 200803-08

                                        http://security.gentoo.org/

Severity: Normal Title: Win32 binary codecs: Multiple vulnerabilities Date: March 04, 2008 Bugs: #150288 ID: 200803-08

Synopsis

Multiple vulnerabilities in the Win32 codecs for Linux may result in the remote execution of arbitrary code.

Background

Win32 binary codecs provide support for video and audio playback.

Affected packages

-------------------------------------------------------------------
 Package                 /    Vulnerable    /           Unaffected
-------------------------------------------------------------------

1 media-libs/win32codecs < 20071007-r2 >= 20071007-r2

Description

Multiple buffer overflow, heap overflow, and integer overflow vulnerabilities were discovered in the Quicktime plugin when processing MOV, FLC, SGI, H.264 and FPX files.

Workaround

There is no known workaround at this time.

Resolution

All Win32 binary codecs users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose

">=media-libs/win32codecs-20071007-r2"

Note: Since no updated binary versions have been released, the Quicktime libraries have been removed from the package. Please use the free alternative Quicktime implementations within VLC, MPlayer or Xine for playback.

References

[ 1 ] CVE-2006-4382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382 [ 2 ] CVE-2006-4384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384 [ 3 ] CVE-2006-4385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385 [ 4 ] CVE-2006-4386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386 [ 5 ] CVE-2006-4388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388 [ 6 ] CVE-2006-4389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389 [ 7 ] CVE-2007-4674 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674 [ 8 ] CVE-2007-6166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200803-08.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200711-0065",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.1.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.0.4"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.5.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.5.1"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.6"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.2"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1"
      },
      {
        "model": "quicktime",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.3"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.5"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.0.3"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.3"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "*"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.5"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "7.1.4"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "4.0 to  7.3"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.3"
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "7.0.8"
      },
      {
        "model": "second life viewer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "linden research",
        "version": "1.18.5.3"
      },
      {
        "model": "second life viewer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "linden research",
        "version": "0"
      },
      {
        "model": "media-libs/win32codecs 20071007-r2",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "quicktime player",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.1"
      },
      {
        "model": "esignal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "esignal",
        "version": "6.0.2"
      },
      {
        "model": "quicktime player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.0.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.8"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.7"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.72"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.4"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-392"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:apple:quicktime",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Krystian Kloskowski (h07) \u003ch07@interia.pl\u003e is credited with the discovery of this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-6166",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2007-6166",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-29528",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-6166",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#659761",
            "trust": 0.8,
            "value": "40.32"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-6166",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200711-392",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-29528",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-392"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. Apple QuickTime RTSP of Content-Type A stack buffer overflow vulnerability exists in the handling of headers. Winodws Plate and Mac Edition QuickTime Are affected by this vulnerability. Also, iTunes Such QuickTime Systems that have installed software that uses Microsoft are also affected by this vulnerability. In addition, verification code that exploits this vulnerability has already been published.Crafted by a remote third party RTSP stream Arbitrary code could be executed when a user connects to. \nThis issue occurs when handling specially crafted RTSP Response headers. \nAttackers can leverage this issue to execute arbitrary machine code in the context of the user running the affected application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions. \nUPDATE (December 4, 2007): Attackers are exploiting this issue through the Second Life Viewer to steal Linden dollars from unsuspecting victims. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. \n\nI. Most versions of\n   QuickTime prior to and including 7.3 running on all supported Apple\n   Mac OS X and Microsoft Windows platforms are vulnerable. \n\n   An attacker could exploit this vulnerability by convincing a user to\n   access a specially crafted HTML document such as a web page or email\n   message. The HTML document could use a variety of techniques to cause\n   QuickTime to load a specially crafted RTSP stream. Common web\n   browsers, including Microsoft Internet Explorer, Mozilla Firefox, and\n   Apple Safari can be used to pass RTSP streams to QuickTime, exploit\n   the vulnerability, and execute arbitrary code. \n\n   Exploit code for this vulnerability was first posted publicly on\n   November 25, 2007. \n\nII. \n\nIII. To block attack vectors, consider the following\n   workarounds. \n\nBlock the rtsp:// protocol\n\n   Using a proxy or firewall capable of recognizing and blocking RTSP\n   traffic can mitigate this vulnerability. Known public exploit code for\n   this vulnerability uses the default RTSP port 554/tcp, however RTSP\n   can use a variety of ports. \n\nDisable file association for QuickTime files\n\n   Disable the file association for QuickTime file types. This can be\n   accomplished by deleting the following registry keys:\n   HKEY_CLASSES_ROOT\\QuickTime.*\n\n   This will remove the association for approximately 32 file types that\n   are configured to open with QuickTime Player. \n\nDisable the QuickTime ActiveX controls in Internet Explorer\n\n   The QuickTime ActiveX controls can be disabled in Internet Explorer by\n   setting the kill bit for the following CLSIDs:\n       {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\n       {4063BE15-3B08-470D-A0D5-B37161CFFD69}\n\n   More information about how to set the kill bit is available in\n   Microsoft Knolwedgebase Article 240797. Alternatively, the following\n   text can be saved as a .REG file and imported to set the kill bit for\n   these controls:\n   \n   Windows Registry Editor Version 5.00\n   \n       [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\ActiveX\n       Compatibility\\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}]\n       \"Compatibility Flags\"=dword:00000400\n       \n       [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\ActiveX\n       Compatibility\\{4063BE15-3B08-470D-A0D5-B37161CFFD69}]\n       \"Compatibility Flags\"=dword:00000400\n\nDisable the QuickTime plug-in for Mozilla-based browsers\n\n   Users of Mozilla-based browsers, such as Firefox can disable the\n   QuickTime plugin, as specified in the PluginDoc article Uninstalling\n   Plugins. \n\nDisable JavaScript\n\n   For instructions on how to disable JavaScript, please refer to the\n   Securing Your Web Browser document. This can help prevent some attack\n   techniques that use the QuickTime plug-in or ActiveX control. \n\nSecure your web browser\n\n   To help mitigate these and other vulnerabilities that can be exploited\n   via a web browser, refer to Securing Your Web Browser. \n\nDo not access QuickTime files from untrusted sources\n\n   Do not open QuickTime files from any untrusted sources, including\n   unsolicited files or links received in email, instant messages, web\n   forums, or internet relay chat (IRC) channels. \n\n\nReferences\n\n * US-CERT Vulnerability Note VU#659761 - \u003chttp://www.kb.cert.org/vuls/id/659761\u003e\n\n * Securing Your Web Browser - \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Mozilla Uninstalling Plugins - \u003chttp://plugindoc.mozdev.org/faqs/uninstall.html\u003e\n\n * How to stop an ActiveX control from running in Internet Explorer - \u003chttp://support.microsoft.com/kb/240797\u003e\n\n * IETF RFC 2326 Real Time Streaming Protocol - \u003chttp://tools.ietf.org/html/rfc2326\u003e\n  \n\n _________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA07-334A.html\u003e\n _________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA07-334A Feedback VU#659761\" in the\n   subject. \n _________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n _________________________________________________________________\n\n   Produced 2007 by US-CERT, a government organization. \n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n _________________________________________________________________\n\nRevision History\n\n   November 30, 2007: Initial release\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBR1ArKvRFkHkM87XOAQJg7wf/X4wAipFWO2ZJ5MdPzTwzE+x1OUIJxenP\ncFuLApajAMZ33yAyTTjA0sYhKveYhxSwqQTetEPiAWp5r/KPkJL5ugkeSvtzbAgf\nU6rsCICcRpjPJ7IjqsW/u6Hk2PBVqWwgip+FhZG5J5mjRPUdRr3JbmKlsEm/XDxi\n+ENxwrAgcoQHkLn76xn/9+1vTbI3zxi0GoyAR+GIFzs+Fsn+LazMCCrDI4ltPMnS\nc+Qpa3/qkOC+svz63yyHBjhq6eT2HQBP/X/50syweUOf4SrpDOdexX+mRPr03i6+\n9byGzjid5sObMAbpH1AzCtiDB56ai3zf+G5qV0uK2ziXihvNEn7JKA==\n=Jc+L\n-----END PGP SIGNATURE-----\n. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. tricked into opening a malicious QTL\nfile or visiting a malicious web site. \n\nThe vulnerability is confirmed in version 7.3. \n\nSOLUTION:\nDo not browse untrusted websites, follow untrusted links, nor open\nuntrusted QTL files. \n\nPROVIDED AND/OR DISCOVERED BY:\nh07\n\nORIGINAL ADVISORY:\nhttp://www.milw0rm.com/exploits/4648\n\nOTHER REFERENCES:\nVU#659761:\nhttp://www.kb.cert.org/vuls/id/659761\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. This fixes some\nvulnerabilities, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nNote: This update removes the affected binary Quicktime library. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200803-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: Win32 binary codecs: Multiple vulnerabilities\n      Date: March 04, 2008\n      Bugs: #150288\n        ID: 200803-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in the Win32 codecs for Linux may result in\nthe remote execution of arbitrary code. \n\nBackground\n==========\n\nWin32 binary codecs provide support for video and audio playback. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package                 /    Vulnerable    /           Unaffected\n    -------------------------------------------------------------------\n  1  media-libs/win32codecs      \u003c 20071007-r2          \u003e= 20071007-r2\n\nDescription\n===========\n\nMultiple buffer overflow, heap overflow, and integer overflow\nvulnerabilities were discovered in the Quicktime plugin when processing\nMOV, FLC, SGI, H.264 and FPX files. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Win32 binary codecs users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose\n\"\u003e=media-libs/win32codecs-20071007-r2\"\n\nNote: Since no updated binary versions have been released, the\nQuicktime libraries have been removed from the package. Please use the\nfree alternative Quicktime implementations within VLC, MPlayer or Xine\nfor playback. \n\nReferences\n==========\n\n  [ 1 ] CVE-2006-4382\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382\n  [ 2 ] CVE-2006-4384\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384\n  [ 3 ] CVE-2006-4385\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385\n  [ 4 ] CVE-2006-4386\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386\n  [ 5 ] CVE-2006-4388\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388\n  [ 6 ] CVE-2006-4389\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389\n  [ 7 ] CVE-2007-4674\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674\n  [ 8 ] CVE-2007-6166\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200803-08.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-6166"
      },
      {
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "db": "PACKETSTORM",
        "id": "61419"
      },
      {
        "db": "PACKETSTORM",
        "id": "61196"
      },
      {
        "db": "PACKETSTORM",
        "id": "64286"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      }
    ],
    "trust": 3.33
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-29528",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#659761",
        "trust": 4.1
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6166",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "26549",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "27755",
        "trust": 2.8
      },
      {
        "db": "EXPLOIT-DB",
        "id": "4648",
        "trust": 2.6
      },
      {
        "db": "USCERT",
        "id": "TA07-334A",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1018989",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "26560",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "29182",
        "trust": 1.8
      },
      {
        "db": "SREASON",
        "id": "3410",
        "trust": 1.7
      },
      {
        "db": "EXPLOIT-DB",
        "id": "6013",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-3984",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "38604",
        "trust": 1.4
      },
      {
        "db": "EXPLOIT-DB",
        "id": "4651",
        "trust": 0.9
      },
      {
        "db": "EXPLOIT-DB",
        "id": "4657",
        "trust": 0.9
      },
      {
        "db": "USCERT",
        "id": "SA07-334A",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009",
        "trust": 0.8
      },
      {
        "db": "MILW0RM",
        "id": "6013",
        "trust": 0.6
      },
      {
        "db": "MILW0RM",
        "id": "4648",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200803-08",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2007-12-13",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "TA07-334A",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-392",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "4664",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "16424",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "11027",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "16873",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-71370",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-70939",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "83037",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-29528",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "61419",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "61196",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "64286",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "64267",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "db": "PACKETSTORM",
        "id": "61419"
      },
      {
        "db": "PACKETSTORM",
        "id": "61196"
      },
      {
        "db": "PACKETSTORM",
        "id": "64286"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-392"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "id": "VAR-200711-0065",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:16:40.045000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.apple.com/jp/quicktime/home/win.html"
      },
      {
        "title": "QuickTime 7.3.1",
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=307176-en"
      },
      {
        "title": "QuickTime 7.3.1",
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=307176-ja"
      },
      {
        "title": "TA07-334A",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta07-334a.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "http://www.kb.cert.org/vuls/id/659761"
      },
      {
        "trust": 2.8,
        "url": "http://docs.info.apple.com/article.html?artnum=307176"
      },
      {
        "trust": 2.5,
        "url": "http://www.beskerming.com/security/2007/11/25/74/quicktime_-_remote_hacker_automatic_control"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/26549"
      },
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/cas/techalerts/ta07-334a.html"
      },
      {
        "trust": 2.5,
        "url": "http://www.securitytracker.com/id?1018989"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/27755"
      },
      {
        "trust": 1.8,
        "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/26560"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/29182"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/3410"
      },
      {
        "trust": 1.5,
        "url": "http://www.milw0rm.com/exploits/4648"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2007/3984"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/38604"
      },
      {
        "trust": 1.1,
        "url": "https://www.exploit-db.com/exploits/4648"
      },
      {
        "trust": 1.1,
        "url": "https://www.exploit-db.com/exploits/6013"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/3984"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6166"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc2326"
      },
      {
        "trust": 0.8,
        "url": "http://tools.ietf.org/html/rfc2326#section-12.16"
      },
      {
        "trust": 0.8,
        "url": "http://www.apple.com/quicktime/technologies/streaming/"
      },
      {
        "trust": 0.8,
        "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
      },
      {
        "trust": 0.8,
        "url": "http://developer.apple.com/quicktime/icefloe/dispatch028.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.apple.com/quicktime/resources/qt/us/proxy/"
      },
      {
        "trust": 0.8,
        "url": "http://www.milw0rm.com/exploits/4651"
      },
      {
        "trust": 0.8,
        "url": "http://www.milw0rm.com/exploits/4657"
      },
      {
        "trust": 0.8,
        "url": "http://quicktime.tc.columbia.edu/users/iml/movies/mtest.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/12/exploit_for_apple_quicktime_vu.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.rubicode.com/software/rcdefaultapp/"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/wr/2007/wr074701.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/wr/2007/wr074901.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2007/at070023.txt"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu%23659761/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta07-334a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/trta07-334a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-6166"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/alerts/sa07-334a.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.cyberpolice.go.jp/important/2007/20071214_142118.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.apple.com/quicktime/"
      },
      {
        "trust": 0.6,
        "url": "http://support.microsoft.com/kb/240797"
      },
      {
        "trust": 0.6,
        "url": "http://www.milw0rm.com/exploits/6013"
      },
      {
        "trust": 0.3,
        "url": "http://blog.secondlife.com/2007/12/02/second-life-viewer-susceptible-to-quicktime-security-flaw/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/27755/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://plugindoc.mozdev.org/faqs/uninstall.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://tools.ietf.org/html/rfc2326\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/659761\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.microsoft.com/kb/240797\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta07-334a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5090/"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/21893/"
      },
      {
        "trust": 0.1,
        "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-08.xml"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/?page=changelog"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/29182/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/339/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/27523/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4385"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4389"
      },
      {
        "trust": 0.1,
        "url": "http://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://enigmail.mozdev.org"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4384"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6166"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4386"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4386"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4385"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4389"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4382"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4388"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4382"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4388"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4384"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "db": "PACKETSTORM",
        "id": "61419"
      },
      {
        "db": "PACKETSTORM",
        "id": "61196"
      },
      {
        "db": "PACKETSTORM",
        "id": "64286"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-392"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "db": "PACKETSTORM",
        "id": "61419"
      },
      {
        "db": "PACKETSTORM",
        "id": "61196"
      },
      {
        "db": "PACKETSTORM",
        "id": "64286"
      },
      {
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200711-392"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-11-24T00:00:00",
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "date": "2007-11-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "date": "2007-11-23T00:00:00",
        "db": "BID",
        "id": "26549"
      },
      {
        "date": "2007-11-24T00:00:00",
        "db": "BID",
        "id": "26560"
      },
      {
        "date": "2007-12-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "date": "2007-12-02T20:40:22",
        "db": "PACKETSTORM",
        "id": "61419"
      },
      {
        "date": "2007-11-27T02:10:48",
        "db": "PACKETSTORM",
        "id": "61196"
      },
      {
        "date": "2008-03-12T17:55:23",
        "db": "PACKETSTORM",
        "id": "64286"
      },
      {
        "date": "2008-03-04T22:49:07",
        "db": "PACKETSTORM",
        "id": "64267"
      },
      {
        "date": "2007-11-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200711-392"
      },
      {
        "date": "2007-11-29T01:46:00",
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-01-11T00:00:00",
        "db": "CERT/CC",
        "id": "VU#659761"
      },
      {
        "date": "2018-10-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29528"
      },
      {
        "date": "2015-05-12T19:49:00",
        "db": "BID",
        "id": "26549"
      },
      {
        "date": "2007-12-18T20:06:00",
        "db": "BID",
        "id": "26560"
      },
      {
        "date": "2007-12-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001009"
      },
      {
        "date": "2009-01-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200711-392"
      },
      {
        "date": "2024-11-21T00:39:30.300000",
        "db": "NVD",
        "id": "CVE-2007-6166"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple QuickTime RTSP Content-Type header stack buffer overflow",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#659761"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Boundary Condition Error",
    "sources": [
      {
        "db": "BID",
        "id": "26549"
      },
      {
        "db": "BID",
        "id": "26560"
      }
    ],
    "trust": 0.6
  }
}

gsd-2007-6166

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-6166

Aliases

CVE-2007-6166

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-6166",
    "description": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.",
    "id": "GSD-2007-6166",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2007-6166"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-6166"
      ],
      "details": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.",
      "id": "GSD-2007-6166",
      "modified": "2023-12-13T01:21:38.341387Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-6166",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "26549",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26549"
          },
          {
            "name": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control",
            "refsource": "MISC",
            "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
          },
          {
            "name": "3410",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3410"
          },
          {
            "name": "4648",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/4648"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=307176",
            "refsource": "MISC",
            "url": "http://docs.info.apple.com/article.html?artnum=307176"
          },
          {
            "name": "APPLE-SA-2007-12-13",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
          },
          {
            "name": "GLSA-200803-08",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
          },
          {
            "name": "26560",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26560"
          },
          {
            "name": "TA07-334A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
          },
          {
            "name": "VU#659761",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/659761"
          },
          {
            "name": "quicktime-rtsp-contenttype-bo(38604)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
          },
          {
            "name": "6013",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/6013"
          },
          {
            "name": "ADV-2007-3984",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3984"
          },
          {
            "name": "27755",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27755"
          },
          {
            "name": "29182",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29182"
          },
          {
            "name": "1018989",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018989"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6166"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
            },
            {
              "name": "VU#659761",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/659761"
            },
            {
              "name": "26549",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26549"
            },
            {
              "name": "1018989",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018989"
            },
            {
              "name": "27755",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27755"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307176",
              "refsource": "MISC",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=307176"
            },
            {
              "name": "APPLE-SA-2007-12-13",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
            },
            {
              "name": "TA07-334A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
            },
            {
              "name": "26560",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/26560"
            },
            {
              "name": "GLSA-200803-08",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
            },
            {
              "name": "29182",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29182"
            },
            {
              "name": "3410",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/3410"
            },
            {
              "name": "ADV-2007-3984",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3984"
            },
            {
              "name": "quicktime-rtsp-contenttype-bo(38604)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
            },
            {
              "name": "6013",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/6013"
            },
            {
              "name": "4648",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/4648"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-30T16:25Z",
      "publishedDate": "2007-11-29T01:46Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-6166 (GCVE-0-2007-6166)

Vulnerability from cvelistv5

ghsa-mrqv-c428-3hfp

Vulnerability from github

fkie_cve-2007-6166

Vulnerability from fkie_nvd

CERTA-2007-ALE-017

Vulnerability from certfr_alerte

Description

Contournement provisoire

5.1 De manière générale

5.2 Sous Microsoft Windows :

5.3 Sous Apple MacOS X :

Solution

CERTA-2007-AVI-544

Vulnerability from certfr_avis

Description

Solution

var-200711-0065

Vulnerability from variot

Synopsis

Background

Affected packages

Description

Workaround

Resolution

References

Availability

Concerns?

License

gsd-2007-6166

Vulnerability from gsd

Tags

Sightings

Nomenclature