cvelistv5 - cve-2006-4965

CVE-2006-4965 (GCVE-0-2006-4965)

Vulnerability from cvelistv5

Published

2006-09-25 00:00

Modified

2024-08-07 19:32

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://docs.info.apple.com/article.html?artnum=305149
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html
cve@mitre.org	http://secunia.com/advisories/22048	Exploit, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/27414	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/1631
cve@mitre.org	http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox
cve@mitre.org	http://www.gnucitizen.org/blog/backdooring-mp3-files/	Exploit
cve@mitre.org	http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up
cve@mitre.org	http://www.kb.cert.org/vuls/id/751808	US Government Resource
cve@mitre.org	http://www.securityfocus.com/archive/1/446750/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/453756/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/479179/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/20138	Exploit
cve@mitre.org	http://www.securitytracker.com/id?1018687
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3155
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=305149
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22048	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27414	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1631
af854a3a-2127-422b-91ae-364da2661108	http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox
af854a3a-2127-422b-91ae-364da2661108	http://www.gnucitizen.org/blog/backdooring-mp3-files/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/751808	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/446750/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/453756/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/479179/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20138	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018687
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3155

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:32:22.652Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1631"
          },
          {
            "name": "VU#751808",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/751808"
          },
          {
            "name": "27414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27414"
          },
          {
            "name": "20070912 0DAY: QuickTime pwns Firefox",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
          },
          {
            "name": "1018687",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018687"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
          },
          {
            "name": "20061207 New MySpace worm could be on its way",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
          },
          {
            "name": "APPLE-SA-2007-03-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
          },
          {
            "name": "ADV-2007-3155",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3155"
          },
          {
            "name": "20138",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20138"
          },
          {
            "name": "20060920 Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=305149"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
          },
          {
            "name": "22048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22048"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1631"
        },
        {
          "name": "VU#751808",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/751808"
        },
        {
          "name": "27414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27414"
        },
        {
          "name": "20070912 0DAY: QuickTime pwns Firefox",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
        },
        {
          "name": "1018687",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018687"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
        },
        {
          "name": "20061207 New MySpace worm could be on its way",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
        },
        {
          "name": "APPLE-SA-2007-03-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
        },
        {
          "name": "ADV-2007-3155",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3155"
        },
        {
          "name": "20138",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20138"
        },
        {
          "name": "20060920 Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=305149"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
        },
        {
          "name": "22048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22048"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4965",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1631",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1631"
            },
            {
              "name": "VU#751808",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/751808"
            },
            {
              "name": "27414",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27414"
            },
            {
              "name": "20070912 0DAY: QuickTime pwns Firefox",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
            },
            {
              "name": "1018687",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018687"
            },
            {
              "name": "http://www.gnucitizen.org/blog/backdooring-mp3-files/",
              "refsource": "MISC",
              "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
            },
            {
              "name": "20061207 New MySpace worm could be on its way",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
            },
            {
              "name": "APPLE-SA-2007-03-05",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
            },
            {
              "name": "ADV-2007-3155",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3155"
            },
            {
              "name": "20138",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20138"
            },
            {
              "name": "20060920 Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305149",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=305149"
            },
            {
              "name": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox",
              "refsource": "MISC",
              "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
            },
            {
              "name": "22048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22048"
            },
            {
              "name": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up",
              "refsource": "MISC",
              "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4965",
    "datePublished": "2006-09-25T00:00:00",
    "dateReserved": "2006-09-24T00:00:00",
    "dateUpdated": "2024-08-07T19:32:22.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-4965\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-09-25T00:07:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.\"},{\"lang\":\"es\",\"value\":\"Apple QuickTime 7.1.3 Player y sus plug-ins permiten a un atacante remoto ejecutar c\u00f3digo JavaScript de su elecci\u00f3n y posiblemente llevar a cabo otros ataques mediante un archivo QuickTime Media Link (QTL) con un elemento XML embebido y un par\u00e1metro qtnext que identifica recursos fuera del dominio original. NOTA: a fecha del 12-09-2007, este problema fue demostrado utilizando instancias de Components.interfaces.nsILocalFile y Components.interfaces.nsIProcess para ejecutar archivos locales de su elecci\u00f3n en Firefox y posiblemente Internet Explorer.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"952A8015-B18B-481C-AC17-60F0D7EEE085\"}]}]}],\"references\":[{\"url\":\"http://docs.info.apple.com/article.html?artnum=305149\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22048\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27414\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/1631\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gnucitizen.org/blog/backdooring-mp3-files/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/751808\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/446750/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/453756/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/479179/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20138\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1018687\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3155\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://docs.info.apple.com/article.html?artnum=305149\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22048\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/1631\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gnucitizen.org/blog/backdooring-mp3-files/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/751808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/446750/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/453756/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/479179/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id?1018687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2006-4965

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-4965

Aliases

CVE-2006-4965

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-4965",
    "description": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.",
    "id": "GSD-2006-4965"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-4965"
      ],
      "details": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.",
      "id": "GSD-2006-4965",
      "modified": "2023-12-13T01:19:52.001494Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-4965",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1631",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/1631"
          },
          {
            "name": "VU#751808",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/751808"
          },
          {
            "name": "27414",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27414"
          },
          {
            "name": "20070912 0DAY: QuickTime pwns Firefox",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
          },
          {
            "name": "1018687",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018687"
          },
          {
            "name": "http://www.gnucitizen.org/blog/backdooring-mp3-files/",
            "refsource": "MISC",
            "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
          },
          {
            "name": "20061207 New MySpace worm could be on its way",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
          },
          {
            "name": "APPLE-SA-2007-03-05",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
          },
          {
            "name": "ADV-2007-3155",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3155"
          },
          {
            "name": "20138",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20138"
          },
          {
            "name": "20060920 Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting)",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=305149",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=305149"
          },
          {
            "name": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox",
            "refsource": "MISC",
            "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
          },
          {
            "name": "22048",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22048"
          },
          {
            "name": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up",
            "refsource": "MISC",
            "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4965"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.gnucitizen.org/blog/backdooring-mp3-files/",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
            },
            {
              "name": "20138",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/20138"
            },
            {
              "name": "22048",
              "refsource": "SECUNIA",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22048"
            },
            {
              "name": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
            },
            {
              "name": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305149",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=305149"
            },
            {
              "name": "APPLE-SA-2007-03-05",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
            },
            {
              "name": "VU#751808",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/751808"
            },
            {
              "name": "1018687",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018687"
            },
            {
              "name": "27414",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27414"
            },
            {
              "name": "1631",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/1631"
            },
            {
              "name": "ADV-2007-3155",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/3155"
            },
            {
              "name": "20070912 0DAY: QuickTime pwns Firefox",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
            },
            {
              "name": "20061207 New MySpace worm could be on its way",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
            },
            {
              "name": "20060920 Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:40Z",
      "publishedDate": "2006-09-25T00:07Z"
    }
  }
}

Plusieurs vulnérabilités ont été identifiées dans le logiciel Apple QuickTime. Elles permettraient à une personne malveillante qui les exploiteraient de perturber l'application, voire d'exécuter des commandes arbitraires sur le système ayant une version vulnérable.

Description

Plusieurs vulnérabilités ont été identifiées dans le lecteur multimedia Apple QuickTime. Elles concernent une mauvaise manipulation de fichiers aux formats suivants :

3rd Generation Partnership Project (extensions de fichier : .3gp ou .3g2). Il s'agit d'un format de vidéos compressées prévues pour être diffusées sur les réseaux mobiles dits de troisième génération (3G).
MIDI, ou Musical Instrument Digital Interface (extension .smf). Il s'agit d'un format destiné intialement à faire communiquer les instruments électroniques.
Quicktime (extension : .mov). Il s'agit d'un format permettant de regrouper plusieurs types de données (texte, video ou audio par exemple).
PICT (extension : .pct). Il s'agit d'un format vectoriel interne au fonctionnement de Macintosh.
QTIF, ou Quicktime Image File Format (extension : .qif). Il s'agit d'un format permettant de regrouper plusieurs images compressées.

Ces vulnérabilités permettraient à une personne malveillante qui les exploiteraient de perturber l'application, voire d'exécuter des commandes arbitraires sur le système ayant une version vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions de QuickTime antérieures à 7.1.5, pour Apple Mac OS ou Microsoft Windows.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité 305149 du 06 mars 2007	None	vendor-advisory
Bulletin de sécurité iDefense du 05 mars 2007 :	-	other
Bulletin de sécurité Apple du 06 mars 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eLes versions de QuickTime ant\u00e9rieures \u00e0 7.1.5, pour Apple Mac  OS ou Microsoft Windows.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multimedia\nApple QuickTime. Elles concernent une mauvaise manipulation de fichiers\naux formats suivants :\n\n-   3rd Generation Partnership Project (extensions de fichier : .3gp ou\n    .3g2). Il s\u0027agit d\u0027un format de vid\u00e9os compress\u00e9es pr\u00e9vues pour \u00eatre\n    diffus\u00e9es sur les r\u00e9seaux mobiles dits de troisi\u00e8me g\u00e9n\u00e9ration (3G).\n-   MIDI, ou Musical Instrument Digital Interface (extension .smf). Il\n    s\u0027agit d\u0027un format destin\u00e9 intialement \u00e0 faire communiquer les\n    instruments \u00e9lectroniques.\n-   Quicktime (extension : .mov). Il s\u0027agit d\u0027un format permettant de\n    regrouper plusieurs types de donn\u00e9es (texte, video ou audio par\n    exemple).\n-   PICT (extension : .pct). Il s\u0027agit d\u0027un format vectoriel interne au\n    fonctionnement de Macintosh.\n-   QTIF, ou Quicktime Image File Format (extension : .qif). Il s\u0027agit\n    d\u0027un format permettant de regrouper plusieurs images compress\u00e9es.\n\nCes vuln\u00e9rabilit\u00e9s permettraient \u00e0 une personne malveillante qui les\nexploiteraient de perturber l\u0027application, voire d\u0027ex\u00e9cuter des\ncommandes arbitraires sur le syst\u00e8me ayant une version vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4965"
    },
    {
      "name": "CVE-2007-0714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0714"
    },
    {
      "name": "CVE-2007-0718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0718"
    },
    {
      "name": "CVE-2007-0712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0712"
    },
    {
      "name": "CVE-2007-0716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0716"
    },
    {
      "name": "CVE-2007-0711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0711"
    },
    {
      "name": "CVE-2007-0717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0717"
    },
    {
      "name": "CVE-2007-0713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0713"
    },
    {
      "name": "CVE-2007-0715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0715"
    }
  ],
  "initial_release_date": "2007-03-07T00:00:00",
  "last_revision_date": "2007-03-07T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense du 05 mars 2007 :",
      "url": "http://www.idefense.com/application/poi/display?id=486"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 06 mars 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=305149"
    }
  ],
  "reference": "CERTA-2007-AVI-112",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-03-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le logiciel Apple\nQuickTime. Elles permettraient \u00e0 une personne malveillante qui les\nexploiteraient de perturber l\u0027application, voire d\u0027ex\u00e9cuter des\ncommandes arbitraires sur le syst\u00e8me ayant une version vuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple QuickTime",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 305149 du 06 mars 2007",
      "url": null
    }
  ]
}

CERTA-2007-ALE-014

Vulnerability from certfr_alerte

Une vulnérabilité touchant Apple QuickTime permet à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Une vulnérabilité a été identifiée dans Apple QuickTime. Ce lecteur multimédia permet à une personne de spécifier un média à lire après l'exécution du média courant (option QTNEXT d'un fichier multimédia). Cette fonctionnalité peut cependant être détournée pour exécuter du code Javascript, et donc du code arbitraire sur le poste de l'utilisateur. L'interpréteur Javascript utilisé est le navigateur Internet par défaut de l'utilisateur.

Des codes de démonstration sont disponibles sur l'Internet et fonctionnent si Mozilla Firefox est le navigateur par défaut, sur Microsoft Windows. Les autres systèmes d'exploitation ne semblent pas concernés mais le navigateur Netscape Navigator, basé sur le même moteur de rendu que Firefox, est aussi vulnérable.

Pour résumer, les problèmes rencontrés sont :

QuickTime n'offre pas la possibilité de bloquer le Javascript ;
QuickTime associé à un navigateur comme Mozilla Firefox ne respecte pas la politique du navigateur liée au Javascript.

Il est important de noter que l'utilisation d'un navigateur alternatif ne contourne pas le problème si Mozilla Firefox est défini comme navigateur par défaut.

Contournements provisoires

Quelques contournements sont envisageables :

- ouvrir la fenêtre about:config ;
- filtrer les options en tapant protocol ;
- mettre l'option network.protocol-handler.external.javascript à la valeur true.
Ceci n'empêche pas l'exploitation mais avertit l'utilisateur lorsqu'une application externe appelle l'interpréteur Javascript de Firefox.
l'utilisation d'une extension telle que NoScript peut bloquer l'exécution de code si l'option Forbid scripts globally est activée.
définir un navigateur alternatif non basé sur le moteur de rendu Gecko comme navigateur par défaut. Des tests internes au CERTA ont montré que Seamonkey 1.1.4 ne semble pas vulnérable mais il convient de rester prudent.

Le meilleur contournement à la date de rédaction de cette alerte consiste à désinstaller complètement l'application QuickTime dans l'attente d'un correctif d'Apple et/ou Mozilla.

Solution

L'éditeur Mozilla a publié un correctif pour le navigateur Firefox (version 2.0.0.7) qui empêche l'exécution de scripts arbitraires via une ligne de commande avec le paramètre -chrome.

Apple a également publié un correctif (7.2.0.245) pour Quicktime. (cf. section Documentation).

Apple QuickTime 7.2 et versions antérieures sur Microsoft Windows.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Entrée sur le bloc-notes Mozilla du 12 septembre 2007 : /	-	other
Bulletin de sécurité Mozilla MFSA 2007-28 du 18 septembre 2007 :	-	other
Avis du CERTA CERTA-2007-AVI-407 du 19 septembre 2007 :	-	other
Bulletin de sécurité Apple 306560 du 03 octobre 2007 :	-	other
Rapport de bogue #395942 de Mozilla :	-	other
Bulletin d'actualité CERTA-2007-ACT-037 - « Vulnérabilité sur Quicktime et Firefox » :	-	other
Bulletin d'actualité CERTA-2007-ACT-011 - « Le Javascript est omniprésent » :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple QuickTime 7.2 et versions ant\u00e9rieures sur Microsoft  Windows.\u003c/P\u003e",
  "closed_at": "2007-10-12",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans Apple QuickTime. Ce lecteur\nmultim\u00e9dia permet \u00e0 une personne de sp\u00e9cifier un m\u00e9dia \u00e0 lire apr\u00e8s\nl\u0027ex\u00e9cution du m\u00e9dia courant (option QTNEXT d\u0027un fichier multim\u00e9dia).\nCette fonctionnalit\u00e9 peut cependant \u00eatre d\u00e9tourn\u00e9e pour ex\u00e9cuter du code\nJavascript, et donc du code arbitraire sur le poste de l\u0027utilisateur.\nL\u0027interpr\u00e9teur Javascript utilis\u00e9 est le navigateur Internet par d\u00e9faut\nde l\u0027utilisateur.\n\nDes codes de d\u00e9monstration sont disponibles sur l\u0027Internet et\nfonctionnent si Mozilla Firefox est le navigateur par d\u00e9faut, sur\nMicrosoft Windows. Les autres syst\u00e8mes d\u0027exploitation ne semblent pas\nconcern\u00e9s mais le navigateur Netscape Navigator, bas\u00e9 sur le m\u00eame moteur\nde rendu que Firefox, est aussi vuln\u00e9rable.\n\nPour r\u00e9sumer, les probl\u00e8mes rencontr\u00e9s sont :\n\n-   QuickTime n\u0027offre pas la possibilit\u00e9 de bloquer le Javascript ;\n-   QuickTime associ\u00e9 \u00e0 un navigateur comme Mozilla Firefox ne respecte\n    pas la politique du navigateur li\u00e9e au Javascript.\n\nIl est important de noter que l\u0027utilisation d\u0027un navigateur alternatif\nne contourne pas le probl\u00e8me si Mozilla Firefox est d\u00e9fini comme\nnavigateur par d\u00e9faut.\n\n## Contournements provisoires\n\nQuelques contournements sont envisageables :\n\n1.  -   ouvrir la fen\u00eatre about:config ;\n    -   filtrer les options en tapant protocol ;\n    -   mettre l\u0027option network.protocol-handler.external.javascript \u00e0\n        la valeur true.\n\n    Ceci n\u0027emp\u00eache pas l\u0027exploitation mais avertit l\u0027utilisateur\n    lorsqu\u0027une application externe appelle l\u0027interpr\u00e9teur Javascript de\n    Firefox.\n\n2.  l\u0027utilisation d\u0027une extension telle que NoScript peut bloquer\n    l\u0027ex\u00e9cution de code si l\u0027option Forbid scripts globally est activ\u00e9e.\n\n3.  d\u00e9finir un navigateur alternatif non bas\u00e9 sur le moteur de rendu\n    Gecko comme navigateur par d\u00e9faut. Des tests internes au CERTA ont\n    montr\u00e9 que Seamonkey 1.1.4 ne semble pas vuln\u00e9rable mais il convient\n    de rester prudent.\n\nLe meilleur contournement \u00e0 la date de r\u00e9daction de cette alerte\nconsiste \u00e0 d\u00e9sinstaller compl\u00e8tement l\u0027application QuickTime dans\nl\u0027attente d\u0027un correctif d\u0027Apple et/ou Mozilla.\n\n## Solution\n\nL\u0027\u00e9diteur Mozilla a publi\u00e9 un correctif pour le navigateur Firefox\n(version 2.0.0.7) qui emp\u00eache l\u0027ex\u00e9cution de scripts arbitraires via une\nligne de commande avec le param\u00e8tre -chrome.\n\nApple a \u00e9galement publi\u00e9 un correctif (7.2.0.245) pour Quicktime. (cf.\nsection Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-4965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4965"
    },
    {
      "name": "CVE-2007-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4673"
    }
  ],
  "initial_release_date": "2007-09-13T00:00:00",
  "last_revision_date": "2007-10-12T00:00:00",
  "links": [
    {
      "title": "Entr\u00e9e sur le bloc-notes Mozilla du 12 septembre 2007 :      /",
      "url": "http://blog.mozilla.com/security/2007/09/12/quicktime-to-firefox-issue"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mozilla MFSA 2007-28 du 18 septembre    2007 :",
      "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-28.html"
    },
    {
      "title": "Avis du CERTA CERTA-2007-AVI-407 du 19 septembre 2007 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-AVI-407/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 306560 du 03 octobre 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=306560"
    },
    {
      "title": "Rapport de bogue #395942 de Mozilla :",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395942"
    },
    {
      "title": "Bulletin d\u0027actualit\u00e9 CERTA-2007-ACT-037 - \u00ab Vuln\u00e9rabilit\u00e9    sur Quicktime et Firefox \u00bb :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ACT-037.pdf"
    },
    {
      "title": "Bulletin d\u0027actualit\u00e9 CERTA-2007-ACT-011 - \u00ab Le Javascript    est omnipr\u00e9sent \u00bb :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ACT-011.pdf"
    }
  ],
  "reference": "CERTA-2007-ALE-014",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2007-09-13T00:00:00.000000"
    },
    {
      "description": "mise \u00e0 jour des syst\u00e8mes affect\u00e9s, de la description, des contournements et ajout de r\u00e9f\u00e9rences ;",
      "revision_date": "2007-09-14T00:00:00.000000"
    },
    {
      "description": "mise \u00e0 jour de la solution et de la documentation ;",
      "revision_date": "2007-09-19T00:00:00.000000"
    },
    {
      "description": "ajout d\u0027une r\u00e9f\u00e9rence CVE et du correctif pour Quicktime.",
      "revision_date": "2007-10-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 touchant Apple QuickTime permet \u00e0 une personne\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Apple QuickTime",
  "vendor_advisories": []
}

fkie_cve-2006-4965

Vulnerability from fkie_nvd

Published

2006-09-25 00:07

Modified

2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=305149
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html
cve@mitre.org	http://secunia.com/advisories/22048	Exploit, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/27414	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/1631
cve@mitre.org	http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox
cve@mitre.org	http://www.gnucitizen.org/blog/backdooring-mp3-files/	Exploit
cve@mitre.org	http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up
cve@mitre.org	http://www.kb.cert.org/vuls/id/751808	US Government Resource
cve@mitre.org	http://www.securityfocus.com/archive/1/446750/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/453756/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/479179/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/20138	Exploit
cve@mitre.org	http://www.securitytracker.com/id?1018687
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3155
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=305149
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22048	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27414	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/1631
af854a3a-2127-422b-91ae-364da2661108	http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox
af854a3a-2127-422b-91ae-364da2661108	http://www.gnucitizen.org/blog/backdooring-mp3-files/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/751808	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/446750/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/453756/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/479179/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20138	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018687
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3155

Impacted products

	Vendor	Product	Version
	apple	quicktime	7.1.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer."
    },
    {
      "lang": "es",
      "value": "Apple QuickTime 7.1.3 Player y sus plug-ins permiten a un atacante remoto ejecutar c\u00f3digo JavaScript de su elecci\u00f3n y posiblemente llevar a cabo otros ataques mediante un archivo QuickTime Media Link (QTL) con un elemento XML embebido y un par\u00e1metro qtnext que identifica recursos fuera del dominio original. NOTA: a fecha del 12-09-2007, este problema fue demostrado utilizando instancias de Components.interfaces.nsILocalFile y Components.interfaces.nsIProcess para ejecutar archivos locales de su elecci\u00f3n en Firefox y posiblemente Internet Explorer."
    }
  ],
  "id": "CVE-2006-4965",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-09-25T00:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=305149"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22048"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27414"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/1631"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/751808"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/20138"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018687"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=305149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/1631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/751808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/20138"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3155"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-200609-0414

Vulnerability from variot

Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer. Mozilla Firefox does not filter input when sending certain URIs to registered protocol handlers. This may allow a remote, authenticated attacker to use Firefox as a vector for executing commands on a vulnerable system. Apple QuickTime Contains a vulnerability that allows arbitrary commands to be executed. Apple QuickTime Is Windows And Apple OS X Is a media player that supports. Also, Internet Explorer And Safari , Netscape A compatible browser plug-in is also provided. Web The page creator Web In the page QuickTime Movie When incorporating QuickTime link (.qtl) You can specify parameters for starting an application using a file. One of the parameters that can be specified qtnext Is used to specify the location of multimedia files to import and play. this qtnext A vulnerability exists that allows arbitrary commands to be executed using parameters. A verification code using this vulnerability has already been released.User crafted QuickTime Open a file qtl Including files Web By browsing the page, a remote attacker may execute arbitrary commands. Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files (.qtl). Although this weakness doesn't pose any direct security threat by itself, an attacker may use it to aid in further attacks. QuickTime 7.1.3 is vulnerable; other versions may also be affected.

2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published

How do you know which Secunia advisories are important to you?

The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, bypass certain security restrictions, manipulate certain data, and compromise a user's system.

For more information: SA20442 SA22048 SA25904 SA26288 SA27311

SOLUTION: Apply updated packages.

x86 Platform:

openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.8-1.1.i586.rpm fcd6aebb85486f2fd1f5f21f6be6f7c5 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.1.i586.rpm c0a5f55e55819330bbaedb1562d3b3ab http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-1.1.5-0.1.i586.rpm e28e54f197e18a1437f7e4e2d61f7716 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-dom-inspector-1.1.5-0.1.i586.rpm 8ce609f4f23e125a3fde4e098c2f8387 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-irc-1.1.5-0.1.i586.rpm fc5ef53403ab657af5f3a03cf0dea515 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-mail-1.1.5-0.1.i586.rpm 84e622b990a471319a6e155fe78c7a71 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-spellchecker-1.1.5-0.1.i586.rpm 5668c7e37f7d3f7ab958659efbf6393f http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-venkman-1.1.5-0.1.i586.rpm 7cab38da286e5c6b61eee35253159b2d

openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.8-1.1.i586.rpm 63b9dcf5769346e9fa63cc5bc58cbf2f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.1.i586.rpm 86c8f71674d54597867bbfef0523f455 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-1.1.5-0.1.i586.rpm 56ae1f2a6d01b66e7b828811baef386f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-dom-inspector-1.1.5-0.1.i586.rpm f90f8b1a40acb84af586070b2b36a3c7 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-irc-1.1.5-0.1.i586.rpm b6f30d4a98dd664f531f9c7b0c5361a7 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-mail-1.1.5-0.1.i586.rpm 12f05e3f903e3588a33e129ad5afa2ba ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-spellchecker-1.1.5-0.1.i586.rpm 8c5ae9dfe961c2dd22c5858e34f1ddcd ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-venkman-1.1.5-0.1.i586.rpm 4b9d7b965de396aba2dae8d44e02d2ed

SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-2.0.0.8-1.2.i586.rpm 0c79e6ed846f58ee38f2195899700783 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.2.i586.rpm 2b1f78a24b7c604e491f874b4ee010eb ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-1.0.9-1.5.i586.rpm 136302b1383bfa10e6963ac51c487156 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-calendar-1.0.9-1.5.i586.rpm e1cb5dd0e2f58ddfcf1e6aeba8188f2c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-dom-inspector-1.0.9-1.5.i586.rpm 540c5555216bbfb8e083cadacf97cd56 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-irc-1.0.9-1.5.i586.rpm 0289839942737ac0942dd2a9f5eefe9b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-mail-1.0.9-1.5.i586.rpm 0795a2047ccf35a566480a9b66de3b95 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-spellchecker-1.0.9-1.5.i586.rpm e85070685e2a7306c942880786261678 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-venkman-1.0.9-1.5.i586.rpm 29dba3d7132a130c2a7fe454556ed8a9

SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-2.0.0.8-1.1.i586.rpm b443c59893edc2831856b44cb45d6818 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.1.i586.rpm ed267848820945045e32a853fee275d9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-1.8_seamonkey_1.0.9-2.7.i586.rpm 66fce2adb0f9afae473ef0fe95dced71 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-calendar-1.8_seamonkey_1.0.9-2.7.i586.rpm 2bd9fd5b7441f14d102f67b7dfd59ba9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-devel-1.8_seamonkey_1.0.9-2.7.i586.rpm d9f3f1505fcfb25af2980ac738ede92e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-dom-inspector-1.8_seamonkey_1.0.9-2.7.i586.rpm 60e214cfb4c3a4786e2cd1a3238c5aeb ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-irc-1.8_seamonkey_1.0.9-2.7.i586.rpm c17c89b837b176c532dd4df5d5fe208c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-ko-1.75-3.5.i586.rpm d4175069e22129dc9355d7db0492f250 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-mail-1.8_seamonkey_1.0.9-2.7.i586.rpm 98a94679da3e405c7ed1ff7ae9405224 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-spellchecker-1.8_seamonkey_1.0.9-2.7.i586.rpm 2c6a412a94f5912907b0c6bcd07124e5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-venkman-1.8_seamonkey_1.0.9-2.7.i586.rpm f4f5da1e91972d8d188757389dcb5057 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-zh-CN-1.7-6.5.i586.rpm 5fb2bf8cb496278cc3311c6db64551ff ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-zh-TW-1.7-6.5.i586.rpm 39e86845e27e9923476a8cde8da90eff

Power PC Platform:

openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-2.0.0.8-1.1.ppc.rpm 9c9ac689cc29aae1488c7ad7b92d0bdd http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.1.ppc.rpm 21e9f77bbb3c20814137327f6eaee9f9 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-1.1.5-0.1.ppc.rpm cc32112a9f89abba812147e40d0255d0 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-dom-inspector-1.1.5-0.1.ppc.rpm 2c925817e2a4c98463cb9c09237a6cb5 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-irc-1.1.5-0.1.ppc.rpm facd6df5c71d962063177fc348bb767f http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-mail-1.1.5-0.1.ppc.rpm 03df79f55ac1616296b7e0742013e8ad http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-spellchecker-1.1.5-0.1.ppc.rpm f06ae78053dd6cf62454fd1f39123633 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-venkman-1.1.5-0.1.ppc.rpm c478ed242f3224ff7fe30d77967e7bee

openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-2.0.0.8-1.1.ppc.rpm 6cc2e85621a7f5bd5e4b7d079cf7205b ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.1.ppc.rpm f34326ed73827774922995a0091ea4c4 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-1.1.5-0.1.ppc.rpm f82ae91873004c2aca4a6886df913ac7 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-dom-inspector-1.1.5-0.1.ppc.rpm 5e54828377b091f9630628f5b1f22312 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-irc-1.1.5-0.1.ppc.rpm f6fee9249b8b8ed0169f45a31845e54d ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-mail-1.1.5-0.1.ppc.rpm 0bb3655011a19a1b5c8e20a275151eaa ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-spellchecker-1.1.5-0.1.ppc.rpm 06d93fdc67ea905637258c00a69f0a6d ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-venkman-1.1.5-0.1.ppc.rpm fdab90f20d0e9603cdde5ae40c59ec78

SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-2.0.0.8-1.2.ppc.rpm 04972567fc2d1b3c9a1cd48de0a6a719 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.2.ppc.rpm b221dcecab11e53206be8d2b68af2897 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-1.0.9-1.5.ppc.rpm 4ebcb7702a69f0296fec491e8e06eb8f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-calendar-1.0.9-1.5.ppc.rpm bd1952ecd073cf8431f2444a3e4d4645 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-dom-inspector-1.0.9-1.5.ppc.rpm d3b6f079dd977541fb12b3c931581e49 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-irc-1.0.9-1.5.ppc.rpm 82c041d37045a1eb1faba6a0b793d29b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-mail-1.0.9-1.5.ppc.rpm 66c77272f5d36f3b7338afc5b4c7f5a8 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-spellchecker-1.0.9-1.5.ppc.rpm 2754235ca272e2f471d23dfe298b976c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-venkman-1.0.9-1.5.ppc.rpm 4cb01eb812c293bfadaf636d91ba2f6b

SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-2.0.0.8-1.1.ppc.rpm 53176a31ec82d1433b9c85bdb5e4d55d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.1.ppc.rpm 73cd0d20c927925d0c5fb8313e8e7761 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-1.8_seamonkey_1.0.9-2.7.ppc.rpm f2f91a58e1141ef80c23528aca6ea4f7 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-calendar-1.8_seamonkey_1.0.9-2.7.ppc.rpm 9d48e1cc4486f0456c85a286acdfdd2f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-devel-1.8_seamonkey_1.0.9-2.7.ppc.rpm 6ce5464cbf1d814d79f3572735668bc3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-dom-inspector-1.8_seamonkey_1.0.9-2.7.ppc.rpm dba8224a3018683fb25ef153f5c9216f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-irc-1.8_seamonkey_1.0.9-2.7.ppc.rpm d3a6233e9be5b73a13c77116b9be6659 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-ko-1.75-3.5.ppc.rpm 6aec834bdb366e4132c14186a8af7a5e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-mail-1.8_seamonkey_1.0.9-2.7.ppc.rpm 74db865b27ddf466507a9f53927977f2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-spellchecker-1.8_seamonkey_1.0.9-2.7.ppc.rpm 863dfd26f01216c2a355d8a6873509a8 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-venkman-1.8_seamonkey_1.0.9-2.7.ppc.rpm 6655b800453b4352a7f0767fbdc16c99 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-zh-CN-1.7-6.5.ppc.rpm 3b1227b6646d573e0b36667cdbf8b431 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-zh-TW-1.7-6.5.ppc.rpm ea3f2ec400ef34feb6181584dd2df51f

x86-64 Platform:

openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-2.0.0.8-1.1.x86_64.rpm 286bc8449e069e29d0185180ae9af95a http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-translations-2.0.0.8-1.1.x86_64.rpm 423752fd83adb06750f5463ef86c4b94 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-1.1.5-0.1.x86_64.rpm 535f222a51cf9b2b02b87d1e4662e562 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-dom-inspector-1.1.5-0.1.x86_64.rpm 3e04002a25b7bb9fe4a4219e3a7fd177 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-irc-1.1.5-0.1.x86_64.rpm 21936c9d7ca8a79e825608ff8ed6e87f http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-mail-1.1.5-0.1.x86_64.rpm f555ef7f3ff24402f806eda5abc0750f http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-spellchecker-1.1.5-0.1.x86_64.rpm c2843979e9fa2e847e48e39b1561fc90 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-venkman-1.1.5-0.1.x86_64.rpm 248795e918196b3b6dd0b74e32747ea2

openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-2.0.0.8-1.1.x86_64.rpm 6feaf265388a8e0d74f56d0b339c1b7b ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-translations-2.0.0.8-1.1.x86_64.rpm cc00f89ee535e0ead4036646b4a5b8aa ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-1.1.5-0.1.x86_64.rpm 8791bfe757b4397d347be1e85be8c92d ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-dom-inspector-1.1.5-0.1.x86_64.rpm 301c934989919c637aa6585c9b93ddaa ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-irc-1.1.5-0.1.x86_64.rpm 8391c2b342d00def8fec429bed80597c ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-mail-1.1.5-0.1.x86_64.rpm 56679451877bd2819907849119cae823 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-spellchecker-1.1.5-0.1.x86_64.rpm 126d4df4e4cfe9e727572fc3ea29cf6f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-venkman-1.1.5-0.1.x86_64.rpm 4f93cb97a2eb9e27b28356cd22acc358

SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-1.0.9-1.5.x86_64.rpm b1b6e0fb86137856bcb99f9eadc8b311 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-calendar-1.0.9-1.5.x86_64.rpm 9022c6152510f336e4a2dfea4be2d2fa ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-dom-inspector-1.0.9-1.5.x86_64.rpm 8369f700d85a46e6cac2a144c0b83eba ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-irc-1.0.9-1.5.x86_64.rpm b9996f34dcd09395e11dfe7978136a46 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-mail-1.0.9-1.5.x86_64.rpm 76404dc283e649d15d12cae9c20479e2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-spellchecker-1.0.9-1.5.x86_64.rpm 7822779669eedc3a963cc073339b7ad7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-venkman-1.0.9-1.5.x86_64.rpm 900c48a2079694f4163efa8e868846a4

SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-1.8_seamonkey_1.0.9-2.7.x86_64.rpm c6e7c2fb0c20d62384a5705882980246 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-calendar-1.8_seamonkey_1.0.9-2.7.x86_64.rpm 100a0e68b16325739f04e37112174ef5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-devel-1.8_seamonkey_1.0.9-2.7.x86_64.rpm 1f2f19a68a3bc76920f1acdc1b57f64d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-dom-inspector-1.8_seamonkey_1.0.9-2.7.x86_64.rpm a37b87151167c84a2879fa21171f6869 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-irc-1.8_seamonkey_1.0.9-2.7.x86_64.rpm 27bdbef4228a6e38f043fb62d098d6ca ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-ko-1.75-3.5.x86_64.rpm 0329e13cf39f6b049b0eb6d77e0a5d3e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-mail-1.8_seamonkey_1.0.9-2.7.x86_64.rpm bea94ac34f30deba19495135d401057f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-spellchecker-1.8_seamonkey_1.0.9-2.7.x86_64.rpm cbf92cb5ba4e9c8f8c759211dd98abb5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-venkman-1.8_seamonkey_1.0.9-2.7.x86_64.rpm 58366db4cf007ece188dc0b684653f43 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-zh-CN-1.7-6.5.x86_64.rpm ff54d8d75657211b988c5f066290da47 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-zh-TW-1.7-6.5.x86_64.rpm 991b44d1019e1691a226f4c4c34d01e7

Sources:

openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.8-1.1.src.rpm 504257c7bb91d92c8c57f1d19a744885 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/seamonkey-1.1.5-0.1.src.rpm 3084f6f2578a126f4fc2ee09c4e99956

openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.8-1.1.src.rpm ec010caa558bf186407aa6c01a0c86b9 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/seamonkey-1.1.5-0.1.src.rpm 08b9664a84a9cd3e230fc548d1f700fa

SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/seamonkey-1.0.9-1.5.src.rpm da54807f0d499f28af2cb1618eead8e0

SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-2.0.0.8-1.1.src.rpm 1fda55bec5840d4665ad497c29f1a607 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-1.8_seamonkey_1.0.9-2.7.src.rpm f259a9c634aa3b2a14f8896ce0d34f76 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-ko-1.75-3.5.src.rpm e7ecbfb4143f47767e179a1f2d9e7c94 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-zh-CN-1.7-6.5.src.rpm a5096f53ac8f021e43fb0268c7d33839 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-zh-TW-1.7-6.5.src.rpm 6871a8338eb79ad9b0c7f61a53429cef

Open Enterprise Server http://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html

Novell Linux POS 9 http://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html

SUSE SLES 9 http://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html

UnitedLinux 1.0 http://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html

SuSE Linux Openexchange Server 4 http://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html

SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html

SuSE Linux Standard Server 8 http://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html

SuSE Linux School Server http://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html

SUSE LINUX Retail Solution 8 http://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html

Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html http://support.novell.com/techcenter/psdb/94e7e87449ed25841acaf9b535567347.html

SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2007_57_mozilla.html

OTHER REFERENCES: SA20442: http://secunia.com/advisories/20442/

SA22048: http://secunia.com/advisories/22048/

SA25904: http://secunia.com/advisories/25904/

SA26288: http://secunia.com/advisories/26288/

SA27311: http://secunia.com/advisories/27311/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

BETA test the new Secunia Personal Software Inspector!

The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. via applications invoking Firefox with unfiltered command line arguments.

This is related to: SA22048 SA25984

The security issue affects Firefox prior to version 2.0.0.7.

SOLUTION: Update to version 2.0.0.7.

NOTE: Support for Firefox 1.5.0.x has ended June 2007. The vendor encourages users to upgrade to Firefox 2.

Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.

The vulnerability is caused due to an input validation error within the handling of system default URIs with registered URI handlers (e.g. "mailto", "news", "nntp", "snews", "telnet"). using Firefox visits a malicious website with a specially crafted "mailto" URI containing a "%" character and ends in a certain extension (e.g. ".bat", ".cmd")

Examples: mailto:test%../../../../windows/system32/calc.exe".cmd nntp:../../../../../Windows/system32/telnet.exe" "secunia.com 80%.bat

Successful exploitation requires that Internet Explorer 7 is installed on the system.

The vulnerability is confirmed on a fully patched Windows XP SP2 and Windows Server 2003 SP2 system using Firefox version 2.0.0.5 and Netscape Navigator version 9.0b2.

SOLUTION: Do not browse untrusted websites or follow untrusted links.

PROVIDED AND/OR DISCOVERED BY: Vulnerability discovered by: * Billy (BK) Rios

Firefox not escaping quotes originally discussed by: * Jesper Johansson

Additional research by Secunia Research.

ORIGINAL ADVISORY: Billy (BK) Rios: http://xs-sniper.com/blog/2007/07/24/remote-command-execution-in-firefox-2005/

OTHER REFERENCES: US-CERT VU#783400: http://www.kb.cert.org/vuls/id/783400

Jesper Johansson blog: http://msinfluentials.com/blogs/jesper/archive/2007/07/20/hey-mozilla-quotes-are-not-legal-in-a-url.aspx

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-297B

Adobe Updates for Microsoft Windows URI Vulnerability

Original release date: October 24, 2007 Last revised: -- Source: US-CERT

Systems Affected

Microsoft Windows XP and Windows Server 2003 systems with Internet Explorer 7 and any of the following Adobe products: * Adobe Reader 8.1 and earlier * Adobe Acrobat Professional, 3D, and Standard 8.1 and earlier * Adobe Reader 7.0.9 and earlier * Adobe Acrobat Professional, 3D, Standard, and Elements 7.0.9 and earlier

Overview

Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.

I. Description

Installing Microsoft Internet Explorer (IE) 7 on Windows XP or Server 2003 changes the way Windows handles Uniform Resource Identifiers (URIs). This change has introduced a flaw that can cause Windows to incorrectly determine the appropriate handler for the protocol specified in a URI. More information about this vulnerability is available in US-CERT Vulnerability Note VU#403150.

Public reports indicate that this vulnerability is being actively exploited with malicious PDF files. Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1, which mitigate this vulnerability.

II.

III. Solution

Apply an update

Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1 to address this issue. These Adobe products handle URIs in a way that mitigates the vulnerability in Microsoft Windows.

Disable the mailto: URI in Adobe Reader and Adobe Acrobat

If you are unable to install an updated version of the software, this vulnerability can be mitigated by disabling the mailto: URI handler in Adobe Reader and Adobe Acrobat. Please see Adobe Security Bulletin APSB07-18 for details.

Appendix A. Vendor Information

Adobe

For information about updating affected Adobe products, see Adobe Security Bulletin APSB07-18.

Appendix B. References

* Adobe Security Bulletin APSB07-18 -
  <http://www.adobe.com/support/security/bulletins/apsb07-18.htm>

* Microsoft Security Advisory (943521) -
  <http://www.microsoft.com/technet/security/advisory/943521.mspx>

* US-CERT Vulnerability Note VU#403150 -
  <http://www.kb.cert.org/vuls/id/403150>

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA07-297B.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA07-297B Feedback VU#403150" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2007 by US-CERT, a government organization.

 <http://www.us-cert.gov/legal.html>

Revision History

October 24, 2007: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRx+8WPRFkHkM87XOAQIrOQf/USsBbfDmKZ4GCi8W2466mI+kZoEHoe/H 3l3p4/1cuFGoPHFfeDLbG+alXiHSAdXoX7Db34InEUKMs7kRUVPEdW9LggI9VaTJ lKnZJxM3dXL+zPCWcDkNqrmmzyJuXwN5FmSXhlcnN4+FRzNrZYwDe1UcOk3q6m1s VNPIBTrqfSuFRllNt+chV1vQ876LLweS+Xh1DIQ/VIyduqvTogoYZO4p2A0YJD57 4y0obNuk+IhgzyhZHtSsR0ql7rGrFr4S97XUQGbKOAZWcDzNGiXJ5FkrMTaP25OI LazBVDofVz8ydUcEkb4belgv5REpfYUJc9hRbRZ+IpbAay2j42m8NQ== =PgB9 -----END PGP SIGNATURE----- .

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.

Internet web sites are normally not allowed to link to local resources

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200609-0414",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": null,
        "trust": 2.4,
        "vendor": "mozilla",
        "version": null
      },
      {
        "model": "quicktime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "7.1.3"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple computer",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "adobe",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "firefox",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "mozilla",
        "version": "2.0.0.6"
      },
      {
        "model": "seamonkey",
        "scope": null,
        "trust": 0.8,
        "vendor": "mozilla",
        "version": null
      },
      {
        "model": "quicktime",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apple",
        "version": "7.x"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "8"
      },
      {
        "model": "linux enterprise server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise desktop sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.3"
      },
      {
        "model": "linux professional x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.2"
      },
      {
        "model": "linux personal x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "10.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "12.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "11.0"
      },
      {
        "model": "linux -current",
        "scope": null,
        "trust": 0.3,
        "vendor": "slackware",
        "version": null
      },
      {
        "model": "unitedlinux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "1.0"
      },
      {
        "model": "suse linux standard server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "8.0"
      },
      {
        "model": "suse linux school server for i386",
        "scope": null,
        "trust": 0.3,
        "vendor": "s u s e",
        "version": null
      },
      {
        "model": "suse linux retail solution",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "8.0"
      },
      {
        "model": "suse linux openexchange server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "4.0"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2"
      },
      {
        "model": "open-enterprise-server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "0"
      },
      {
        "model": "novell linux pos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9"
      },
      {
        "model": "novell linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9.0"
      },
      {
        "model": "linux professional oss",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0"
      },
      {
        "model": "linux professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0"
      },
      {
        "model": "linux professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2"
      },
      {
        "model": "linux professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.1"
      },
      {
        "model": "linux personal oss",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0"
      },
      {
        "model": "linux personal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2"
      },
      {
        "model": "linux personal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.1x86-64"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.1x86"
      },
      {
        "model": "linux ppc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0x86-64"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0x86"
      },
      {
        "model": "linux ppc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0"
      },
      {
        "model": "hat fedora core6",
        "scope": null,
        "trust": 0.3,
        "vendor": "red",
        "version": null
      },
      {
        "model": "navigator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "netscape",
        "version": "8.1.3"
      },
      {
        "model": "firefox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0.6"
      },
      {
        "model": "firefox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0.5"
      },
      {
        "model": "firefox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0.4"
      },
      {
        "model": "firefox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0.3"
      },
      {
        "model": "firefox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0.1"
      },
      {
        "model": "firefox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0.0.2"
      },
      {
        "model": "firefox rc3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0"
      },
      {
        "model": "firefox rc2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0"
      },
      {
        "model": "firefox beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.01"
      },
      {
        "model": "firefox",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0"
      },
      {
        "model": "quicktime plug-in",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "7.1.3"
      },
      {
        "model": "navigator",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "netscape",
        "version": "9.0"
      },
      {
        "model": "firefox",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "mozilla",
        "version": "2.0.7"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "db": "BID",
        "id": "20138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:mozilla:firefox",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:mozilla:seamonkey",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:quicktime",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "pdp of gnucitizen.org is credited with the discovery of this vulnerability.",
    "sources": [
      {
        "db": "BID",
        "id": "20138"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2006-4965",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-4965",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-21073",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-4965",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#751808",
            "trust": 0.8,
            "value": "35.11"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#403150",
            "trust": 0.8,
            "value": "18.43"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#783400",
            "trust": 0.8,
            "value": "25.52"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-4965",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200609-423",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-21073",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer. Mozilla Firefox does not filter input when sending certain URIs to registered protocol handlers. This may allow a remote, authenticated attacker to use Firefox as a vector for executing commands on a vulnerable system. Apple QuickTime Contains a vulnerability that allows arbitrary commands to be executed. Apple QuickTime Is Windows And Apple OS X Is a media player that supports. Also, Internet Explorer And Safari , Netscape A compatible browser plug-in is also provided. Web The page creator Web In the page QuickTime Movie When incorporating QuickTime link (.qtl) You can specify parameters for starting an application using a file. One of the parameters that can be specified qtnext Is used to specify the location of multimedia files to import and play. this qtnext A vulnerability exists that allows arbitrary commands to be executed using parameters. A verification code using this vulnerability has already been released.User crafted QuickTime Open a file qtl Including files Web By browsing the page, a remote attacker may execute arbitrary commands. Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files (.qtl). Although this weakness doesn\u0027t pose any direct security threat by itself, an attacker may use it to aid in further attacks. \nQuickTime 7.1.3 is vulnerable; other versions may also be affected. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \nThis fixes a weakness and some vulnerabilities, which can be exploited\nby malicious people to disclose sensitive information, conduct\nphishing attacks, bypass certain security restrictions, manipulate\ncertain data, and compromise a user\u0027s system. \n\nFor more information:\nSA20442\nSA22048\nSA25904\nSA26288\nSA27311\n\nSOLUTION:\nApply updated packages. \n\nx86 Platform:\n\nopenSUSE 10.3:\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.8-1.1.i586.rpm\nfcd6aebb85486f2fd1f5f21f6be6f7c5\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.1.i586.rpm\nc0a5f55e55819330bbaedb1562d3b3ab\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-1.1.5-0.1.i586.rpm\ne28e54f197e18a1437f7e4e2d61f7716\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-dom-inspector-1.1.5-0.1.i586.rpm\n8ce609f4f23e125a3fde4e098c2f8387\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-irc-1.1.5-0.1.i586.rpm\nfc5ef53403ab657af5f3a03cf0dea515\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-mail-1.1.5-0.1.i586.rpm\n84e622b990a471319a6e155fe78c7a71\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-spellchecker-1.1.5-0.1.i586.rpm\n5668c7e37f7d3f7ab958659efbf6393f\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-venkman-1.1.5-0.1.i586.rpm\n7cab38da286e5c6b61eee35253159b2d\n\nopenSUSE 10.2:\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.8-1.1.i586.rpm\n63b9dcf5769346e9fa63cc5bc58cbf2f\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.1.i586.rpm\n86c8f71674d54597867bbfef0523f455\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-1.1.5-0.1.i586.rpm\n56ae1f2a6d01b66e7b828811baef386f\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-dom-inspector-1.1.5-0.1.i586.rpm\nf90f8b1a40acb84af586070b2b36a3c7\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-irc-1.1.5-0.1.i586.rpm\nb6f30d4a98dd664f531f9c7b0c5361a7\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-mail-1.1.5-0.1.i586.rpm\n12f05e3f903e3588a33e129ad5afa2ba\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-spellchecker-1.1.5-0.1.i586.rpm\n8c5ae9dfe961c2dd22c5858e34f1ddcd\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/seamonkey-venkman-1.1.5-0.1.i586.rpm\n4b9d7b965de396aba2dae8d44e02d2ed\n\nSUSE LINUX 10.1:\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-2.0.0.8-1.2.i586.rpm\n0c79e6ed846f58ee38f2195899700783\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.2.i586.rpm\n2b1f78a24b7c604e491f874b4ee010eb\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-1.0.9-1.5.i586.rpm\n136302b1383bfa10e6963ac51c487156\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-calendar-1.0.9-1.5.i586.rpm\ne1cb5dd0e2f58ddfcf1e6aeba8188f2c\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-dom-inspector-1.0.9-1.5.i586.rpm\n540c5555216bbfb8e083cadacf97cd56\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-irc-1.0.9-1.5.i586.rpm\n0289839942737ac0942dd2a9f5eefe9b\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-mail-1.0.9-1.5.i586.rpm\n0795a2047ccf35a566480a9b66de3b95\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-spellchecker-1.0.9-1.5.i586.rpm\ne85070685e2a7306c942880786261678\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/seamonkey-venkman-1.0.9-1.5.i586.rpm\n29dba3d7132a130c2a7fe454556ed8a9\n\nSUSE LINUX 10.0:\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-2.0.0.8-1.1.i586.rpm\nb443c59893edc2831856b44cb45d6818\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-translations-2.0.0.8-1.1.i586.rpm\ned267848820945045e32a853fee275d9\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-1.8_seamonkey_1.0.9-2.7.i586.rpm\n66fce2adb0f9afae473ef0fe95dced71\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-calendar-1.8_seamonkey_1.0.9-2.7.i586.rpm\n2bd9fd5b7441f14d102f67b7dfd59ba9\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-devel-1.8_seamonkey_1.0.9-2.7.i586.rpm\nd9f3f1505fcfb25af2980ac738ede92e\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-dom-inspector-1.8_seamonkey_1.0.9-2.7.i586.rpm\n60e214cfb4c3a4786e2cd1a3238c5aeb\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-irc-1.8_seamonkey_1.0.9-2.7.i586.rpm\nc17c89b837b176c532dd4df5d5fe208c\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-ko-1.75-3.5.i586.rpm\nd4175069e22129dc9355d7db0492f250\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-mail-1.8_seamonkey_1.0.9-2.7.i586.rpm\n98a94679da3e405c7ed1ff7ae9405224\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-spellchecker-1.8_seamonkey_1.0.9-2.7.i586.rpm\n2c6a412a94f5912907b0c6bcd07124e5\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-venkman-1.8_seamonkey_1.0.9-2.7.i586.rpm\nf4f5da1e91972d8d188757389dcb5057\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-zh-CN-1.7-6.5.i586.rpm\n5fb2bf8cb496278cc3311c6db64551ff\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-zh-TW-1.7-6.5.i586.rpm\n39e86845e27e9923476a8cde8da90eff\n\nPower PC Platform:\n\nopenSUSE 10.3:\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-2.0.0.8-1.1.ppc.rpm\n9c9ac689cc29aae1488c7ad7b92d0bdd\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.1.ppc.rpm\n21e9f77bbb3c20814137327f6eaee9f9\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-1.1.5-0.1.ppc.rpm\ncc32112a9f89abba812147e40d0255d0\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-dom-inspector-1.1.5-0.1.ppc.rpm\n2c925817e2a4c98463cb9c09237a6cb5\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-irc-1.1.5-0.1.ppc.rpm\nfacd6df5c71d962063177fc348bb767f\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-mail-1.1.5-0.1.ppc.rpm\n03df79f55ac1616296b7e0742013e8ad\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-spellchecker-1.1.5-0.1.ppc.rpm\nf06ae78053dd6cf62454fd1f39123633\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-venkman-1.1.5-0.1.ppc.rpm\nc478ed242f3224ff7fe30d77967e7bee\n\nopenSUSE 10.2:\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-2.0.0.8-1.1.ppc.rpm\n6cc2e85621a7f5bd5e4b7d079cf7205b\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.1.ppc.rpm\nf34326ed73827774922995a0091ea4c4\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-1.1.5-0.1.ppc.rpm\nf82ae91873004c2aca4a6886df913ac7\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-dom-inspector-1.1.5-0.1.ppc.rpm\n5e54828377b091f9630628f5b1f22312\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-irc-1.1.5-0.1.ppc.rpm\nf6fee9249b8b8ed0169f45a31845e54d\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-mail-1.1.5-0.1.ppc.rpm\n0bb3655011a19a1b5c8e20a275151eaa\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-spellchecker-1.1.5-0.1.ppc.rpm\n06d93fdc67ea905637258c00a69f0a6d\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/seamonkey-venkman-1.1.5-0.1.ppc.rpm\nfdab90f20d0e9603cdde5ae40c59ec78\n\nSUSE LINUX 10.1:\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-2.0.0.8-1.2.ppc.rpm\n04972567fc2d1b3c9a1cd48de0a6a719\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.2.ppc.rpm\nb221dcecab11e53206be8d2b68af2897\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-1.0.9-1.5.ppc.rpm\n4ebcb7702a69f0296fec491e8e06eb8f\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-calendar-1.0.9-1.5.ppc.rpm\nbd1952ecd073cf8431f2444a3e4d4645\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-dom-inspector-1.0.9-1.5.ppc.rpm\nd3b6f079dd977541fb12b3c931581e49\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-irc-1.0.9-1.5.ppc.rpm\n82c041d37045a1eb1faba6a0b793d29b\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-mail-1.0.9-1.5.ppc.rpm\n66c77272f5d36f3b7338afc5b4c7f5a8\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-spellchecker-1.0.9-1.5.ppc.rpm\n2754235ca272e2f471d23dfe298b976c\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/seamonkey-venkman-1.0.9-1.5.ppc.rpm\n4cb01eb812c293bfadaf636d91ba2f6b\n\nSUSE LINUX 10.0:\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-2.0.0.8-1.1.ppc.rpm\n53176a31ec82d1433b9c85bdb5e4d55d\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-translations-2.0.0.8-1.1.ppc.rpm\n73cd0d20c927925d0c5fb8313e8e7761\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-1.8_seamonkey_1.0.9-2.7.ppc.rpm\nf2f91a58e1141ef80c23528aca6ea4f7\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-calendar-1.8_seamonkey_1.0.9-2.7.ppc.rpm\n9d48e1cc4486f0456c85a286acdfdd2f\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-devel-1.8_seamonkey_1.0.9-2.7.ppc.rpm\n6ce5464cbf1d814d79f3572735668bc3\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-dom-inspector-1.8_seamonkey_1.0.9-2.7.ppc.rpm\ndba8224a3018683fb25ef153f5c9216f\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-irc-1.8_seamonkey_1.0.9-2.7.ppc.rpm\nd3a6233e9be5b73a13c77116b9be6659\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-ko-1.75-3.5.ppc.rpm\n6aec834bdb366e4132c14186a8af7a5e\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-mail-1.8_seamonkey_1.0.9-2.7.ppc.rpm\n74db865b27ddf466507a9f53927977f2\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-spellchecker-1.8_seamonkey_1.0.9-2.7.ppc.rpm\n863dfd26f01216c2a355d8a6873509a8\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-venkman-1.8_seamonkey_1.0.9-2.7.ppc.rpm\n6655b800453b4352a7f0767fbdc16c99\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-zh-CN-1.7-6.5.ppc.rpm\n3b1227b6646d573e0b36667cdbf8b431\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mozilla-zh-TW-1.7-6.5.ppc.rpm\nea3f2ec400ef34feb6181584dd2df51f\n\nx86-64 Platform:\n\nopenSUSE 10.3:\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-2.0.0.8-1.1.x86_64.rpm\n286bc8449e069e29d0185180ae9af95a\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/MozillaFirefox-translations-2.0.0.8-1.1.x86_64.rpm\n423752fd83adb06750f5463ef86c4b94\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-1.1.5-0.1.x86_64.rpm\n535f222a51cf9b2b02b87d1e4662e562\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-dom-inspector-1.1.5-0.1.x86_64.rpm\n3e04002a25b7bb9fe4a4219e3a7fd177\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-irc-1.1.5-0.1.x86_64.rpm\n21936c9d7ca8a79e825608ff8ed6e87f\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-mail-1.1.5-0.1.x86_64.rpm\nf555ef7f3ff24402f806eda5abc0750f\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-spellchecker-1.1.5-0.1.x86_64.rpm\nc2843979e9fa2e847e48e39b1561fc90\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-venkman-1.1.5-0.1.x86_64.rpm\n248795e918196b3b6dd0b74e32747ea2\n\nopenSUSE 10.2:\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-2.0.0.8-1.1.x86_64.rpm\n6feaf265388a8e0d74f56d0b339c1b7b\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-translations-2.0.0.8-1.1.x86_64.rpm\ncc00f89ee535e0ead4036646b4a5b8aa\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-1.1.5-0.1.x86_64.rpm\n8791bfe757b4397d347be1e85be8c92d\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-dom-inspector-1.1.5-0.1.x86_64.rpm\n301c934989919c637aa6585c9b93ddaa\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-irc-1.1.5-0.1.x86_64.rpm\n8391c2b342d00def8fec429bed80597c\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-mail-1.1.5-0.1.x86_64.rpm\n56679451877bd2819907849119cae823\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-spellchecker-1.1.5-0.1.x86_64.rpm\n126d4df4e4cfe9e727572fc3ea29cf6f\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/seamonkey-venkman-1.1.5-0.1.x86_64.rpm\n4f93cb97a2eb9e27b28356cd22acc358\n\nSUSE LINUX 10.1:\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-1.0.9-1.5.x86_64.rpm\nb1b6e0fb86137856bcb99f9eadc8b311\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-calendar-1.0.9-1.5.x86_64.rpm\n9022c6152510f336e4a2dfea4be2d2fa\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-dom-inspector-1.0.9-1.5.x86_64.rpm\n8369f700d85a46e6cac2a144c0b83eba\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-irc-1.0.9-1.5.x86_64.rpm\nb9996f34dcd09395e11dfe7978136a46\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-mail-1.0.9-1.5.x86_64.rpm\n76404dc283e649d15d12cae9c20479e2\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-spellchecker-1.0.9-1.5.x86_64.rpm\n7822779669eedc3a963cc073339b7ad7\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/seamonkey-venkman-1.0.9-1.5.x86_64.rpm\n900c48a2079694f4163efa8e868846a4\n\nSUSE LINUX 10.0:\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\nc6e7c2fb0c20d62384a5705882980246\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-calendar-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\n100a0e68b16325739f04e37112174ef5\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-devel-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\n1f2f19a68a3bc76920f1acdc1b57f64d\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-dom-inspector-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\na37b87151167c84a2879fa21171f6869\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-irc-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\n27bdbef4228a6e38f043fb62d098d6ca\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-ko-1.75-3.5.x86_64.rpm\n0329e13cf39f6b049b0eb6d77e0a5d3e\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-mail-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\nbea94ac34f30deba19495135d401057f\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-spellchecker-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\ncbf92cb5ba4e9c8f8c759211dd98abb5\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-venkman-1.8_seamonkey_1.0.9-2.7.x86_64.rpm\n58366db4cf007ece188dc0b684653f43\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-zh-CN-1.7-6.5.x86_64.rpm\nff54d8d75657211b988c5f066290da47\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-zh-TW-1.7-6.5.x86_64.rpm\n991b44d1019e1691a226f4c4c34d01e7\n\nSources:\n\nopenSUSE 10.3:\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.8-1.1.src.rpm\n504257c7bb91d92c8c57f1d19a744885\nhttp://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/seamonkey-1.1.5-0.1.src.rpm\n3084f6f2578a126f4fc2ee09c4e99956\n\nopenSUSE 10.2:\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.8-1.1.src.rpm\nec010caa558bf186407aa6c01a0c86b9\nftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/seamonkey-1.1.5-0.1.src.rpm\n08b9664a84a9cd3e230fc548d1f700fa\n\nSUSE LINUX 10.1:\nftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/seamonkey-1.0.9-1.5.src.rpm\nda54807f0d499f28af2cb1618eead8e0\n\nSUSE LINUX 10.0:\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-2.0.0.8-1.1.src.rpm\n1fda55bec5840d4665ad497c29f1a607\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-1.8_seamonkey_1.0.9-2.7.src.rpm\nf259a9c634aa3b2a14f8896ce0d34f76\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-ko-1.75-3.5.src.rpm\ne7ecbfb4143f47767e179a1f2d9e7c94\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-zh-CN-1.7-6.5.src.rpm\na5096f53ac8f021e43fb0268c7d33839\nftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-zh-TW-1.7-6.5.src.rpm\n6871a8338eb79ad9b0c7f61a53429cef\n\nOpen Enterprise Server\nhttp://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html\n\nNovell Linux POS 9\nhttp://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html\n\nSUSE SLES 9\nhttp://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html\n\nUnitedLinux 1.0\nhttp://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html\n\nSuSE Linux Openexchange Server 4\nhttp://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html\n\nSuSE Linux Enterprise Server 8\nhttp://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html\n\nSuSE Linux Standard Server 8\nhttp://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html\n\nSuSE Linux School Server\nhttp://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html\n\nSUSE LINUX Retail Solution 8\nhttp://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html\n\nNovell Linux Desktop 9\nhttp://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html\nhttp://support.novell.com/techcenter/psdb/94e7e87449ed25841acaf9b535567347.html\n\nSUSE Linux Enterprise Server 10 SP1\nhttp://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html\n\nSUSE Linux Enterprise Desktop 10 SP1\nhttp://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html\n\nORIGINAL ADVISORY:\nhttp://www.novell.com/linux/security/advisories/2007_57_mozilla.html\n\nOTHER REFERENCES:\nSA20442:\nhttp://secunia.com/advisories/20442/\n\nSA22048:\nhttp://secunia.com/advisories/22048/\n\nSA25904:\nhttp://secunia.com/advisories/25904/\n\nSA26288:\nhttp://secunia.com/advisories/26288/\n\nSA27311:\nhttp://secunia.com/advisories/27311/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \nvia applications invoking Firefox with unfiltered command line\narguments. \n\nThis is related to:\nSA22048\nSA25984\n\nThe security issue affects Firefox prior to version 2.0.0.7. \n\nSOLUTION:\nUpdate to version 2.0.0.7. \n\nNOTE: Support for Firefox 1.5.0.x has ended June 2007. The vendor\nencourages users to upgrade to Firefox 2. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\nThe vulnerability is caused due to an input validation error within\nthe handling of system default URIs with registered URI handlers\n(e.g. \"mailto\", \"news\", \"nntp\", \"snews\", \"telnet\"). using\nFirefox visits a malicious website with a specially crafted \"mailto\"\nURI containing a \"%\" character and ends in a certain extension (e.g. \n\".bat\", \".cmd\")\n\nExamples:\nmailto:test%../../../../windows/system32/calc.exe\".cmd\nnntp:../../../../../Windows/system32/telnet.exe\" \"secunia.com\n80%.bat\n\nSuccessful exploitation requires that Internet Explorer 7 is\ninstalled on the system. \n\nThe vulnerability is confirmed on a fully patched Windows XP SP2 and\nWindows Server 2003 SP2 system using Firefox version 2.0.0.5 and\nNetscape Navigator version 9.0b2. \n\nSOLUTION:\nDo not browse untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nVulnerability discovered by:\n* Billy (BK) Rios\n\nFirefox not escaping quotes originally discussed by:\n* Jesper Johansson\n\nAdditional research by Secunia Research. \n\nORIGINAL ADVISORY:\nBilly (BK) Rios:\nhttp://xs-sniper.com/blog/2007/07/24/remote-command-execution-in-firefox-2005/\n\nOTHER REFERENCES:\nUS-CERT VU#783400:\nhttp://www.kb.cert.org/vuls/id/783400\n\nJesper Johansson blog:\nhttp://msinfluentials.com/blogs/jesper/archive/2007/07/20/hey-mozilla-quotes-are-not-legal-in-a-url.aspx\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\tNational Cyber Alert System\n   Technical Cyber Security Alert TA07-297B\n\n\nAdobe Updates for Microsoft Windows URI Vulnerability\n\n   Original release date: October 24, 2007\n   Last revised: --\n   Source: US-CERT\n\nSystems Affected\n\n   Microsoft Windows XP and Windows Server 2003 systems with Internet\n   Explorer 7 and any of the following Adobe products:\n     * Adobe Reader 8.1 and earlier\n     * Adobe Acrobat Professional, 3D, and Standard 8.1 and earlier\n     * Adobe Reader 7.0.9 and earlier\n     * Adobe Acrobat Professional, 3D, Standard, and Elements 7.0.9 and\n       earlier\n\nOverview\n\n   Adobe has released updates for the Adobe Reader and Adobe Acrobat\n   product families. The update addresses a URI handling vulnerability in\n   Microsoft Windows XP and Server 2003 systems with Internet Explorer 7. \n\nI. Description\n\n   Installing Microsoft Internet Explorer (IE) 7 on Windows XP or Server\n   2003 changes the way Windows handles Uniform Resource Identifiers\n   (URIs). This change has introduced a flaw that can cause Windows to\n   incorrectly determine the appropriate handler for the protocol\n   specified in a URI. More information about this vulnerability is available in\n   US-CERT Vulnerability Note VU#403150. \n\n   Public reports indicate that this vulnerability is being actively\n   exploited with malicious PDF files. Adobe has released Adobe Reader\n   8.1.1 and Adobe Acrobat 8.1.1, which mitigate this vulnerability. \n\nII. \n\nIII. Solution\n\nApply an update\n\n   Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1 to\n   address this issue. These Adobe products handle URIs in a way that\n   mitigates the vulnerability in Microsoft Windows. \n\nDisable the mailto: URI in Adobe Reader and Adobe Acrobat\n\n   If you are unable to install an updated version of the software, this\n   vulnerability can be mitigated by disabling the mailto: URI handler in\n   Adobe Reader and Adobe Acrobat. Please see Adobe Security Bulletin\n   APSB07-18 for details. \n\n\nAppendix A. Vendor Information\n\nAdobe\n\n   For information about updating affected Adobe products, see Adobe\n   Security Bulletin APSB07-18. \n\nAppendix B. References\n\n    * Adobe Security Bulletin APSB07-18 -\n      \u003chttp://www.adobe.com/support/security/bulletins/apsb07-18.htm\u003e\n     \n    * Microsoft Security Advisory (943521) -\n      \u003chttp://www.microsoft.com/technet/security/advisory/943521.mspx\u003e\n     \n    * US-CERT Vulnerability Note VU#403150 -\n      \u003chttp://www.kb.cert.org/vuls/id/403150\u003e\n\n _________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA07-297B.html\u003e\n _________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA07-297B Feedback VU#403150\" in the\n   subject. \n _________________________________________________________________\n    \n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n _________________________________________________________________\n\n   Produced 2007 by US-CERT, a government organization. \n\n   Terms of use:\n\n     \u003chttp://www.us-cert.gov/legal.html\u003e\n _________________________________________________________________\n\nRevision History\n\n   October 24, 2007: Initial release\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRx+8WPRFkHkM87XOAQIrOQf/USsBbfDmKZ4GCi8W2466mI+kZoEHoe/H\n3l3p4/1cuFGoPHFfeDLbG+alXiHSAdXoX7Db34InEUKMs7kRUVPEdW9LggI9VaTJ\nlKnZJxM3dXL+zPCWcDkNqrmmzyJuXwN5FmSXhlcnN4+FRzNrZYwDe1UcOk3q6m1s\nVNPIBTrqfSuFRllNt+chV1vQ876LLweS+Xh1DIQ/VIyduqvTogoYZO4p2A0YJD57\n4y0obNuk+IhgzyhZHtSsR0ql7rGrFr4S97XUQGbKOAZWcDzNGiXJ5FkrMTaP25OI\nLazBVDofVz8ydUcEkb4belgv5REpfYUJc9hRbRZ+IpbAay2j42m8NQ==\n=PgB9\n-----END PGP SIGNATURE-----\n. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nInternet web sites are normally not allowed to link to local\nresources",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4965"
      },
      {
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "db": "BID",
        "id": "20138"
      },
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "db": "PACKETSTORM",
        "id": "60464"
      },
      {
        "db": "PACKETSTORM",
        "id": "59433"
      },
      {
        "db": "PACKETSTORM",
        "id": "58068"
      },
      {
        "db": "PACKETSTORM",
        "id": "60418"
      },
      {
        "db": "PACKETSTORM",
        "id": "50213"
      }
    ],
    "trust": 4.59
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-21073",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#751808",
        "trust": 3.3
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4965",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "20138",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "22048",
        "trust": 2.6
      },
      {
        "db": "SECUNIA",
        "id": "26201",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "27414",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1018687",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "1631",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-3155",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "26881",
        "trust": 0.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#403150",
        "trust": 0.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#783400",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20060920 BACKDOORING MP3 FILES (PLUS QUICKTIME ISSUES AND CROSS-CONTEXT SCRIPTING)",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20070912 0DAY: QUICKTIME PWNS FIREFOX",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20061207 NEW MYSPACE WORM COULD BE ON ITS WAY",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2007-03-05",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-82197",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "28639",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-21073",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "60464",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "59433",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "58068",
        "trust": 0.1
      },
      {
        "db": "USCERT",
        "id": "TA07-297B",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "60418",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50213",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "db": "BID",
        "id": "20138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "db": "PACKETSTORM",
        "id": "60464"
      },
      {
        "db": "PACKETSTORM",
        "id": "59433"
      },
      {
        "db": "PACKETSTORM",
        "id": "58068"
      },
      {
        "db": "PACKETSTORM",
        "id": "60418"
      },
      {
        "db": "PACKETSTORM",
        "id": "50213"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "id": "VAR-200609-0414",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T19:31:05.862000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "QuickTime 7.2 for Windows",
        "trust": 0.8,
        "url": "http://www.apple.com/support/downloads/securityupdateforquicktime72forwindows.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.apple.com/jp/quicktime/"
      },
      {
        "title": "Security Update for QuickTime 7.2 for Windows",
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=306560-en"
      },
      {
        "title": "Security Update for QuickTime 7.2 for Windows",
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=306560-ja"
      },
      {
        "title": "mfsa2007-28",
        "trust": 0.8,
        "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-28.html"
      },
      {
        "title": "mfsa2007-28",
        "trust": 0.8,
        "url": "http://www.mozilla-japan.org/security/announce/2007/mfsa2007-28.html"
      },
      {
        "title": "QuickTime 7.2 for Windows",
        "trust": 0.8,
        "url": "http://www.apple.com/jp/ftp-info/reference/securityupdateforquicktime72forwindows.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-94",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-78",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
      },
      {
        "trust": 2.8,
        "url": "http://docs.info.apple.com/article.html?artnum=305149"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/20138"
      },
      {
        "trust": 2.5,
        "url": "http://www.kb.cert.org/vuls/id/751808"
      },
      {
        "trust": 2.5,
        "url": "http://www.securitytracker.com/id?1018687"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/22048"
      },
      {
        "trust": 2.4,
        "url": "http://support.microsoft.com/kb/224816"
      },
      {
        "trust": 2.1,
        "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files/"
      },
      {
        "trust": 1.7,
        "url": "http://xs-sniper.com/blog/2007/07/24/remote-command-execution-in-firefox-2005/"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/26201/"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2007/mar/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/27414"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/1631"
      },
      {
        "trust": 1.6,
        "url": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/"
      },
      {
        "trust": 1.6,
        "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=389580"
      },
      {
        "trust": 1.6,
        "url": "http://kb.mozillazine.org/firefox_:_faqs_:_about:config_entries"
      },
      {
        "trust": 1.6,
        "url": "http://en.wikipedia.org/wiki/uniform_resource_identifier"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2007/3155"
      },
      {
        "trust": 1.2,
        "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-28.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/3155"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/26881/"
      },
      {
        "trust": 0.8,
        "url": "http://docs.info.apple.com/article.html?artnum=306560"
      },
      {
        "trust": 0.8,
        "url": "http://blog.mozilla.com/security/2007/09/18/firefox-2.0.0.7-now-available/"
      },
      {
        "trust": 0.8,
        "url": "http://developer.apple.com/quicktime/quicktimeintro/tools/embed2.html"
      },
      {
        "trust": 0.8,
        "url": "http://noscript.net/features#contentblocking"
      },
      {
        "trust": 0.8,
        "url": "http://noscript.net"
      },
      {
        "trust": 0.8,
        "url": "http://msdn2.microsoft.com/en-us/library/ms647732.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms07-061.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/advisory/943521.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://blogs.technet.com/msrc/archive/2007/10/25/msrc-blog-october-25th-update-to-security-advisory-943521.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://www.adobe.com/support/security/advisories/apsa07-04.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.adobe.com/support/security/bulletins/apsb07-18.html"
      },
      {
        "trust": 0.8,
        "url": "http://en-us.www.mozilla.com/en-us/firefox/2.0.0.6/releasenotes/"
      },
      {
        "trust": 0.8,
        "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=389106"
      },
      {
        "trust": 0.8,
        "url": "http://www.w3schools.com/tags/ref_urlencode.asp"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4673"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4965"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu%23751808/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4673"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-4965"
      },
      {
        "trust": 0.8,
        "url": "http://www.cyberpolice.go.jp/important/2007/20071005_152642.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/479179/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/453756/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/446750/100/0/threaded"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/quicktime/"
      },
      {
        "trust": 0.3,
        "url": "http://projects.info-pull.com/moab/moab-03-01-2007.html"
      },
      {
        "trust": 0.3,
        "url": "http://browser.netscape.com/releasenotes/"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.securiteam.com/?p=1019"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/479179"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/22048/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/seamonkey-1.1.5-0.1.src.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1171/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/16124/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2001/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-irc-1.1.5-0.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-venkman-1.1.5-0.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2003/"
      },
      {
        "trust": 0.1,
        "url": "http://support.novell.com/techcenter/psdb/bc8dbb4aea45ba7fac544f7e63f7898b.html"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-spellchecker-1.1.5-0.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://support.novell.com/techcenter/psdb/94e7e87449ed25841acaf9b535567347.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/27414/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/25904/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/mozillafirefox-2.0.0.8-1.1.src.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-mail-1.1.5-0.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/13375/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/20442/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/27311/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozillafirefox-translations-2.0.0.8-1.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/mozillafirefox-translations-2.0.0.8-1.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-mail-1.1.5-0.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-1.1.5-0.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/mozillafirefox-translations-2.0.0.8-1.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-spellchecker-1.1.5-0.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-dom-inspector-1.1.5-0.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/mozillafirefox-2.0.0.8-1.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/26288/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/mozillafirefox-2.0.0.8-1.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4664/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-dom-inspector-1.1.5-0.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/mozillafirefox-2.0.0.8-1.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-spellchecker-1.1.5-0.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6221/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-irc-1.1.5-0.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4118/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-1.1.5-0.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-dom-inspector-1.1.5-0.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-irc-1.1.5-0.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/seamonkey-venkman-1.1.5-0.1.ppc.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/seamonkey-1.1.5-0.1.i586.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-mail-1.1.5-0.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12192/"
      },
      {
        "trust": 0.1,
        "url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/seamonkey-venkman-1.1.5-0.1.x86_64.rpm"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/10796/"
      },
      {
        "trust": 0.1,
        "url": "http://support.novell.com/techcenter/psdb/605742757aa7f9e469593be4df1322b6.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4227/"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12434/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/25984/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1173/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/22/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/network_software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1174/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1176/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1175/"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/783400"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/16/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12366/"
      },
      {
        "trust": 0.1,
        "url": "http://msinfluentials.com/blogs/jesper/archive/2007/07/20/hey-mozilla-quotes-are-not-legal-in-a-url.aspx"
      },
      {
        "trust": 0.1,
        "url": "http://www.adobe.com/support/security/bulletins/apsb07-18.htm\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/security/advisory/943521.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/403150\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta07-297b.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5090/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/quality_assurance_analyst/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/web_application_security_specialist/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "db": "BID",
        "id": "20138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "db": "PACKETSTORM",
        "id": "60464"
      },
      {
        "db": "PACKETSTORM",
        "id": "59433"
      },
      {
        "db": "PACKETSTORM",
        "id": "58068"
      },
      {
        "db": "PACKETSTORM",
        "id": "60418"
      },
      {
        "db": "PACKETSTORM",
        "id": "50213"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "db": "BID",
        "id": "20138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "db": "PACKETSTORM",
        "id": "60464"
      },
      {
        "db": "PACKETSTORM",
        "id": "59433"
      },
      {
        "db": "PACKETSTORM",
        "id": "58068"
      },
      {
        "db": "PACKETSTORM",
        "id": "60418"
      },
      {
        "db": "PACKETSTORM",
        "id": "50213"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-09-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "date": "2007-07-27T00:00:00",
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "date": "2007-07-26T00:00:00",
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "date": "2006-09-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "date": "2006-09-21T00:00:00",
        "db": "BID",
        "id": "20138"
      },
      {
        "date": "2007-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "date": "2007-10-29T15:03:58",
        "db": "PACKETSTORM",
        "id": "60464"
      },
      {
        "date": "2007-09-20T08:11:10",
        "db": "PACKETSTORM",
        "id": "59433"
      },
      {
        "date": "2007-07-27T03:17:23",
        "db": "PACKETSTORM",
        "id": "58068"
      },
      {
        "date": "2007-10-25T04:18:19",
        "db": "PACKETSTORM",
        "id": "60418"
      },
      {
        "date": "2006-09-21T23:56:25",
        "db": "PACKETSTORM",
        "id": "50213"
      },
      {
        "date": "2006-09-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      },
      {
        "date": "2006-09-25T00:07:00",
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-10-04T00:00:00",
        "db": "CERT/CC",
        "id": "VU#751808"
      },
      {
        "date": "2007-11-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#403150"
      },
      {
        "date": "2007-07-31T00:00:00",
        "db": "CERT/CC",
        "id": "VU#783400"
      },
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-21073"
      },
      {
        "date": "2015-03-19T08:50:00",
        "db": "BID",
        "id": "20138"
      },
      {
        "date": "2007-10-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000686"
      },
      {
        "date": "2006-09-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      },
      {
        "date": "2024-11-21T00:17:18.823000",
        "db": "NVD",
        "id": "CVE-2006-4965"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple QuickTime remote command execution vulnerability",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#751808"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-423"
      }
    ],
    "trust": 0.6
  }
}

ghsa-8x7f-x5pj-6mmh

Vulnerability from github

Published

2022-05-01 07:23

Modified

2025-04-03 04:41

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-4965"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-09-25T00:07:00Z",
    "severity": "MODERATE"
  },
  "details": "Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain.  NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.",
  "id": "GHSA-8x7f-x5pj-6mmh",
  "modified": "2025-04-03T04:41:11Z",
  "published": "2022-05-01T07:23:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4965"
    },
    {
      "type": "WEB",
      "url": "http://docs.info.apple.com/article.html?artnum=305149"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/22048"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27414"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/1631"
    },
    {
      "type": "WEB",
      "url": "http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox"
    },
    {
      "type": "WEB",
      "url": "http://www.gnucitizen.org/blog/backdooring-mp3-files"
    },
    {
      "type": "WEB",
      "url": "http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/751808"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/446750/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/453756/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/479179/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/20138"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018687"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3155"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-4965 (GCVE-0-2006-4965)

Vulnerability from cvelistv5

gsd-2006-4965

Vulnerability from gsd

CERTA-2007-AVI-112

Vulnerability from certfr_avis

Description

Solution

CERTA-2007-ALE-014

Vulnerability from certfr_alerte

Description

Contournements provisoires

Solution

fkie_cve-2006-4965

Vulnerability from fkie_nvd

var-200609-0414

Vulnerability from variot

ghsa-8x7f-x5pj-6mmh

Vulnerability from github

Tags

Sightings

Nomenclature