fkie_nvd - fkie_cve-2007-6166

fkie_cve-2007-6166

Vulnerability from fkie_nvd

Published

2007-11-29 01:46

Modified

2025-04-09 00:30

Severity ?

Summary

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.

References

URL	Tags
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307176
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
cve@mitre.org	http://secunia.com/advisories/27755	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/29182	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200803-08.xml
cve@mitre.org	http://securityreason.com/securityalert/3410
cve@mitre.org	http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
cve@mitre.org	http://www.kb.cert.org/vuls/id/659761	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/26549
cve@mitre.org	http://www.securityfocus.com/bid/26560
cve@mitre.org	http://www.securitytracker.com/id?1018989
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-334A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3984	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38604
cve@mitre.org	https://www.exploit-db.com/exploits/4648
cve@mitre.org	https://www.exploit-db.com/exploits/6013
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307176
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27755	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29182	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200803-08.xml
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3410
af854a3a-2127-422b-91ae-364da2661108	http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/659761	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26549
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26560
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018989
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-334A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3984	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38604
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/4648
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/6013

Impacted products

Vendor	Product	Version
apple	quicktime	*
apple	quicktime	-
apple	quicktime	3.0
apple	quicktime	4.1.2
apple	quicktime	5.0
apple	quicktime	5.0.1
apple	quicktime	5.0.2
apple	quicktime	6.0
apple	quicktime	6.1
apple	quicktime	6.5
apple	quicktime	6.5.1
apple	quicktime	6.5.2
apple	quicktime	7.0
apple	quicktime	7.0.1
apple	quicktime	7.0.2
apple	quicktime	7.0.3
apple	quicktime	7.0.4
apple	quicktime	7.1
apple	quicktime	7.1.1
apple	quicktime	7.1.2
apple	quicktime	7.1.3
apple	quicktime	7.1.4
apple	quicktime	7.1.5
apple	quicktime	7.1.6
apple	quicktime	7.2
microsoft	windows_vista	*
microsoft	windows_xp	*
apple	safari	*
apple	mac_os_x	10.3.9
apple	mac_os_x	10.4.9
apple	mac_os_x	10.5
apple	mac_os_x	10.5.0
apple	mac_os_x	10.5.1
apple	mac_os_x	10.5.2
apple	mac_os_x	10.5.3
apple	mac_os_x	10.5.4
apple	mac_os_x	10.5.5
apple	mac_os_x	10.5.6
apple	mac_os_x	10.5.7
apple	mac_os_x	10.5.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24B999C-BF13-4379-A8FF-A4C831C97453",
              "versionEndIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE08FAE-0862-4C36-95BC-878B04CBF397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71BC599-FCBE-4F1F-AA24-41AF91F82226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41473E1D-B988-4312-B16B-D340508DD473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCC2EBC0-F2A6-4709-9A27-CF63BC578744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "844E1B14-A13A-47F1-9C82-02EAEED1A911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80747BDD-70E9-4E74-896F-C79D014F1B2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA1E140B-BCB4-4B3C-B287-E9E944E08DB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CB5C4-9A5A-4831-8FFD-0D261619A7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CE0B67-0794-472D-A2C0-CC5CA0E36370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A5DDF47-5AA5-4EE3-B12D-9218F528EFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1B5F2F-CDBF-4AEF-9F78-0C010664B9E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "98C9B657-5484-4458-861E-D6FB5019265A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC90AA12-DD17-4607-90CB-E342E83F20BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3E721C-00CA-4D51-B542-F2BC5C0D65BF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "855288F1-0242-4951-AB3F-B7AF13E21CF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "10082781-B93E-4B84-94F2-FA9749B4D92B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE1EBF04-C440-4A6B-93F2-DC3A812728C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB077A2-927B-43AF-BFD5-0E78648C9394",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2398ADC8-A106-462E-B9AE-F8AF800D0A3C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Apple QuickTime anterior a la versi\u00f3n 7.3.1, como es usado en QuickTime Player en Windows XP y Safari en Mac OS X, permite a servidores remotos de Real Time Streaming Protocol (RTSP) ejecutar c\u00f3digo arbitrario por medio de una respuesta RTSP con un encabezado Content-Type largo."
    }
  ],
  "id": "CVE-2007-6166",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-11-29T01:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307176"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27755"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29182"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3410"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/659761"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26549"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26560"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018989"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3984"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/4648"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/6013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3410"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/659761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018989"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-334A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/4648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/6013"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2007-6166 (GCVE-0-2007-6166)

Vulnerability from cvelistv5

Published

2007-11-29 01:00