ID

VAR-200701-0593

CVE

CVE-2007-0059

TITLE

Apple QuickTime HREFTrack Cross-Zone Scripting vulnerability

Trust: 0.8

sources: CERT/CC: VU#304064

DESCRIPTION

Cross-zone scripting vulnerability in Apple QuickTime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a local zone during preview, as exploited by a MySpace worm. Web browsers running the Apple QuickTime plugin may allow remote web sites to reference content on the local filesystem, which may allow an attacker to execute script within the security context of the local machine. Apple QuickTime is multimedia playback software developed by Apple. It handles multiple sources, such as digital video and media segments. A cross-zone scripting vulnerability exists in Apple QuickTime versions 3 through 7.1.3: the HREF Track (HREFTrack) contains an automatic action tag with a local URI that runs in the local zone during preview, as exploited by a MySpace worm.

Trust: 2.43

sources: NVD: CVE-2007-0059 // CERT/CC: VU#304064 // JVNDB: JVNDB-2007-001325 // VULHUB: VHN-23421

AFFECTED PRODUCTS

vendor: apple
model: quicktime
scope: eq
version: 3.0

Trust: 1.6

vendor: apple
model: quicktime
scope: lte
version: 7.1.3

Trust: 1.0

vendor: apple computer
model: -
scope: -
version: -

Trust: 0.8

vendor: apple
model: quicktime
scope: eq
version: 3 to 7.1.3

Trust: 0.8

vendor: apple
model: quicktime
scope: eq
version: 7.1.3

Trust: 0.6

vendor: apple
model: quicktime
scope: eq
version: 3

Trust: 0.6

sources: CERT/CC: VU#304064 // JVNDB: JVNDB-2007-001325 // CNNVD: CNNVD-200701-015 // NVD: CVE-2007-0059

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-0059
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#304064
value: 9.72

Trust: 0.8

NVD: CVE-2007-0059
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200701-015
value: MEDIUM

Trust: 0.6

VULHUB: VHN-23421
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-0059
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-23421
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#304064 // VULHUB: VHN-23421 // JVNDB: JVNDB-2007-001325 // CNNVD: CNNVD-200701-015 // NVD: CVE-2007-0059

PROBLEMTYPE DATA

problemtype: NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0059

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200701-015

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200701-015

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001325

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-23421

PATCH

title: APPLE-SA-2007-03-05
url: http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-001325

EXTERNAL IDS

db: CERT/CC
id: VU#304064

Trust: 3.3

db: NVD
id: CVE-2007-0059

Trust: 2.5

db: OSVDB
id: 31164

Trust: 1.7

db: JVNDB
id: JVNDB-2007-001325

Trust: 0.8

db: CNNVD
id: CNNVD-200701-015

Trust: 0.7

db: APPLE
id: APPLE-SA-2007-03-05

Trust: 0.6

db: EXPLOIT-DB
id: 3077

Trust: 0.1

db: BID
id: 83564

Trust: 0.1

db: VULHUB
id: VHN-23421

Trust: 0.1

sources: CERT/CC: VU#304064 // VULHUB: VHN-23421 // JVNDB: JVNDB-2007-001325 // CNNVD: CNNVD-200701-015 // NVD: CVE-2007-0059

REFERENCES

url: http://projects.info-pull.com/moab/moab-03-01-2007.html

Trust: 2.5

url: http://www.gnucitizen.org/blog/backdooring-quicktime-movies/

Trust: 2.5

url: http://www.kb.cert.org/vuls/id/304064

Trust: 2.5

url: http://lists.apple.com/archives/security-announce/2007/mar/msg00000.html

Trust: 1.7

url: http://docs.info.apple.com/article.html?artnum=305149

Trust: 1.7

url: http://osvdb.org/31164

Trust: 1.7

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0059

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0059

Trust: 0.8

sources: CERT/CC: VU#304064 // VULHUB: VHN-23421 // JVNDB: JVNDB-2007-001325 // CNNVD: CNNVD-200701-015 // NVD: CVE-2007-0059

SOURCES

db: CERT/CC, id: VU#304064
db: VULHUB, id: VHN-23421
db: JVNDB, id: JVNDB-2007-001325
db: CNNVD, id: CNNVD-200701-015
db: NVD, id: CVE-2007-0059

LAST UPDATE DATE

2025-04-10T19:33:23.827000+00:00

SOURCES UPDATE DATE

db: CERT/CC, id: VU#304064, date: 2007-03-19T00:00:00
db: VULHUB, id: VHN-23421, date: 2018-10-30T00:00:00
db: JVNDB, id: JVNDB-2007-001325, date: 2012-06-26T00:00:00
db: CNNVD, id: CNNVD-200701-015, date: 2007-01-15T00:00:00
db: NVD, id: CVE-2007-0059, date: 2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db: CERT/CC, id: VU#304064, date: 2007-01-12T00:00:00
db: VULHUB, id: VHN-23421, date: 2007-01-05T00:00:00
db: JVNDB, id: JVNDB-2007-001325, date: 2012-06-26T00:00:00
db: CNNVD, id: CNNVD-200701-015, date: 2007-01-04T00:00:00
db: NVD, id: CVE-2007-0059, date: 2007-01-05T00:28:00