fkie_nvd - fkie_cve-2007-0711

fkie_cve-2007-0711

Vulnerability from fkie_nvd

Published

2007-03-05 22:19

Modified

2025-04-09 00:30

Severity ?

Summary

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.

References

URL	Tags
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=305149	Patch, Vendor Advisory
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html	Vendor Advisory
cve@mitre.org	http://osvdb.org/33905
cve@mitre.org	http://secunia.com/advisories/24359	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/568689	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/22827
cve@mitre.org	http://www.securitytracker.com/id?1017725
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-065A.html	Patch, US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0825
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/32814
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=305149	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/33905
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24359	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/568689	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22827
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017725
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-065A.html	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0825
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/32814

Impacted products

Vendor	Product	Version
apple	quicktime	*
apple	quicktime	3.0
apple	quicktime	4.1.2
apple	quicktime	5.0.1
apple	quicktime	5.0.2
apple	quicktime	6.0
apple	quicktime	6.0.0
apple	quicktime	6.0.1
apple	quicktime	6.0.2
apple	quicktime	6.1.0
apple	quicktime	6.1.1
apple	quicktime	6.2.0
apple	quicktime	6.3.0
apple	quicktime	6.4.0
apple	quicktime	6.5.0
apple	quicktime	6.5.1
apple	quicktime	6.5.2
apple	quicktime	7.0
apple	quicktime	7.0.0
apple	quicktime	7.0.1
apple	quicktime	7.0.2
apple	quicktime	7.0.3
apple	quicktime	7.0.4
apple	quicktime	7.1.0
apple	quicktime	7.1.1
apple	quicktime	7.1.2
apple	quicktime	7.1.3
microsoft	windows	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:quicktime:*:-:windows:*:*:*:*:*",
              "matchCriteriaId": "D4848C0C-7CEA-4C7A-956E-0C460A5E3896",
              "versionEndIncluding": "7.1.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F310A8-F760-4059-987D-42369F360DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:4.1.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "03C15EB0-1D29-4DBE-B2C0-FE9365E8D624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "EE3EAE38-9DE6-450D-BCD0-70E590C1F76E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "63D7214C-FAF6-4DCA-8520-8A539BDCD98A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "0D02D35D-E957-4949-B5DA-F3654B13A308",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "FC48F2B6-4BC7-4B57-ADE2-4907287A1AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "6469AEDC-6F9D-4CAC-84B2-F13107626FB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "CB2DFC1B-6452-4575-A099-2E5FD387A8AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "01A24DD9-5AB8-4091-A293-1A2D7953D455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "D282FA67-0089-4ED5-8168-E3CE8B510BBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "2B5928A2-C989-4B27-91E1-7019277B2E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "51292C8C-4905-4C30-B166-ACCE39D9DEE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "3433487A-98ED-4C28-8659-609BF395E23A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "335F4D89-983A-4C05-937A-EEE802A260D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "7F189FAB-3BA1-4C1B-975F-E174D5CB8771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "F7A30674-38BA-49B8-9DE0-4C9FB5A62DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "284BAF97-86BC-4520-BAB6-D75D18FFA1DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "3F4075B0-0F9F-466B-8521-2156849247C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "DF2A6BCB-108E-4226-BC31-6E0057DFB6D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "F8BF6A6A-F734-4395-9305-2E9F52EE888F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*",
              "matchCriteriaId": "AFCB45F3-397E-42A8-8D08-ECF667939FF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*",
              "matchCriteriaId": "D5C04F70-E2E6-48F4-948D-9D0C7B2A2F3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*",
              "matchCriteriaId": "E1DB3FBD-40F4-41FB-A939-3E3A4D0D85B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*",
              "matchCriteriaId": "F45B47BB-E14F-4437-8828-EF059496BF95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*",
              "matchCriteriaId": "9B353211-F90E-4F38-9D0B-B8C7EC00E66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*",
              "matchCriteriaId": "F6A44CA9-D257-4BB7-B5AB-23193F35FCB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en Apple QuickTime anterior a 7.1.5, cuando est\u00e1 instalado en un sistema operativo Windows, permite a atacantes remotos con la intervenci\u00f3n del usuario provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo de video 3GP manipulado."
    }
  ],
  "id": "CVE-2007-0711",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-03-05T22:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://docs.info.apple.com/article.html?artnum=305149"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/33905"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24359"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/568689"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/22827"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017725"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-065A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0825"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://docs.info.apple.com/article.html?artnum=305149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/33905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24359"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/568689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-065A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0825"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32814"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2007-0711 (GCVE-0-2007-0711)

Vulnerability from cvelistv5

Published

2007-03-05 22:00