Details of VAR-200703-0017

ID

VAR-200703-0017

CVE

CVE-2007-0716

TITLE

Apple QuickTime 3GP integer overflow

Trust: 0.8

sources: CERT/CC: VU#568689

DESCRIPTION

Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file. The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Apple QuickTime is prone to multiple unspecified remote code-execution vulnerabilities including mulitple heap and stack-based buffer-overflow and integer-overflow issues. These issues arise when the application handles specially crafted 3GP, MIDI, MOV, PICT, and QTIF files. Successful attacks can result in the compromise of the applicaiton or can cause denial-of-service conditions. Few details regarding these issues are currently available. Separate BIDs for each issue will be created as new information becomes available. QuickTime versions prior to 7.1.5 are vulnerable. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. There are multiple buffer overflow vulnerabilities in QuickTime's processing of various media formats. Remote attackers may exploit these vulnerabilities to control the user's machine by enticing the user to open and process malformed media files. There is a stack overflow when QuickTime handles QTIF files. (CVE-2007-0716)

Trust: 7.74

sources: NVD: CVE-2007-0716 // CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // JVNDB: JVNDB-2007-000196 // BID: 22827 // VULHUB: VHN-24078

AFFECTED PRODUCTS

vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 6.4
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.1	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.4	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.2	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.4	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.1	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.2	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.3	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.3	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	lte	version:	7.1.4	Trust: 0.8
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	ne	version:	7.1.5	Trust: 0.3

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // BID: 22827 // JVNDB: JVNDB-2007-000196 // CNNVD: CNNVD-200703-176 // NVD: CVE-2007-0716

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-0716
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#568689
value:	16.20
Trust: 0.8
CARNEGIE MELLON:	VU#880561
value:	6.64
Trust: 0.8
CARNEGIE MELLON:	VU#822481
value:	9.00
Trust: 0.8
CARNEGIE MELLON:	VU#861817
value:	17.36
Trust: 0.8
CARNEGIE MELLON:	VU#448745
value:	4.81
Trust: 0.8
CARNEGIE MELLON:	VU#313225
value:	17.72
Trust: 0.8
CARNEGIE MELLON:	VU#410993
value:	16.20
Trust: 0.8
CARNEGIE MELLON:	VU#642433
value:	16.20
Trust: 0.8
NVD:	CVE-2007-0716
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200703-176
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-24078
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-0716
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-24078
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // VULHUB: VHN-24078 // JVNDB: JVNDB-2007-000196 // CNNVD: CNNVD-200703-176 // NVD: CVE-2007-0716

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0716

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200703-176

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200703-176

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000196

PATCH

title:	QuickTime 7.1.5 for Mac	url:	http://www.apple.com/support/downloads/quicktime715formac.html	Trust: 0.8
title:	QuickTime 7.1.5 for Windows	url:	http://www.apple.com/support/downloads/quicktime715forwindows.html	Trust: 0.8
title:	QuickTime 7.1.5	url:	http://docs.info.apple.com/article.html?artnum=305149	Trust: 0.8
title:	QuickTime 7.1.5	url:	http://docs.info.apple.com/article.html?artnum=305149-ja	Trust: 0.8
title:	アップル - QuickTime	url:	http://www.apple.com/jp/quicktime/download/win.html	Trust: 0.8
title:	QuickTime 7.1.5 for Windows	url:	http://www.apple.com/jp/ftp-info/reference/quicktime715forwindows.html	Trust: 0.8
title:	QuickTime 7.1.5 for Mac	url:	http://www.apple.com/jp/ftp-info/reference/quicktime715formac.html	Trust: 0.8

sources: JVNDB: JVNDB-2007-000196

EXTERNAL IDS

db:	BID	id:	22827	Trust: 9.2
db:	SECUNIA	id:	24359	Trust: 8.9
db:	SECTRACK	id:	1017725	Trust: 8.1
db:	AUSCERT	id:	AL-2007.0031	Trust: 6.4
db:	CERT/CC	id:	VU#642433	Trust: 3.6
db:	NVD	id:	CVE-2007-0716	Trust: 2.8
db:	USCERT	id:	TA07-065A	Trust: 2.8
db:	OSVDB	id:	33900	Trust: 1.7
db:	VUPEN	id:	ADV-2007-0825	Trust: 1.7
db:	XF	id:	32822	Trust: 1.4
db:	CERT/CC	id:	VU#568689	Trust: 1.1
db:	CERT/CC	id:	VU#880561	Trust: 1.1
db:	CERT/CC	id:	VU#822481	Trust: 1.1
db:	CERT/CC	id:	VU#861817	Trust: 1.1
db:	CERT/CC	id:	VU#448745	Trust: 1.1
db:	CERT/CC	id:	VU#313225	Trust: 1.1
db:	CERT/CC	id:	VU#410993	Trust: 1.1
db:	BID	id:	22843	Trust: 0.8
db:	BID	id:	22844	Trust: 0.8
db:	ZDI	id:	ZDI-07-010	Trust: 0.8
db:	USCERT	id:	SA07-065A	Trust: 0.8
db:	JVNDB	id:	JVNDB-2007-000196	Trust: 0.8
db:	CERT/CC	id:	TA07-065A	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2007-03-05	Trust: 0.6
db:	CNNVD	id:	CNNVD-200703-176	Trust: 0.6
db:	VULHUB	id:	VHN-24078	Trust: 0.1

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // VULHUB: VHN-24078 // BID: 22827 // JVNDB: JVNDB-2007-000196 // CNNVD: CNNVD-200703-176 // NVD: CVE-2007-0716

REFERENCES

url:	http://www.securityfocus.com/bid/22827	Trust: 8.9
url:	http://docs.info.apple.com/article.html?artnum=305149	Trust: 8.1
url:	http://secunia.com/advisories/24359/	Trust: 6.4
url:	http://www.auscert.org.au/7356	Trust: 6.4
url:	http://www.ciac.org/ciac/bulletins/r-171.shtml	Trust: 6.4
url:	http://securitytracker.com/id?1017725	Trust: 5.6
url:	http://www.us-cert.gov/cas/techalerts/ta07-065a.html	Trust: 2.8
url:	http://www.kb.cert.org/vuls/id/642433	Trust: 2.8
url:	http://www.apple.com/quicktime/download/	Trust: 2.7
url:	http://www.securitytracker.com/id?1017725	Trust: 2.5
url:	http://secunia.com/advisories/24359	Trust: 2.5
url:	http://www.us-cert.gov/cas/tips/st04-010.html	Trust: 2.4
url:	http://support.microsoft.com/default.aspx?scid=kb;en-us;q294676	Trust: 2.4
url:	http://www.cert.org/tech_tips/before_you_plug_in.html	Trust: 2.4
url:	http://www.mozilla.org/support/firefox/faq	Trust: 2.4
url:	http://lists.apple.com/archives/security-announce/2007/mar/msg00000.html	Trust: 1.7
url:	http://osvdb.org/33900	Trust: 1.7
url:	http://www.apple.com/itunes/	Trust: 1.6
url:	http://www.frsirt.com/english/advisories/2007/0825	Trust: 1.4
url:	http://xforce.iss.net/xforce/xfdb/32822	Trust: 1.4
url:	http://www.vupen.com/english/advisories/2007/0825	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/32822	Trust: 1.1
url:	http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt	Trust: 0.8
url:	http://en.wikipedia.org/wiki/.mov	Trust: 0.8
url:	http://www.securityfocus.com/bid/22843	Trust: 0.8
url:	http://en.wikipedia.org/wiki/musical_instrument_digital_interface	Trust: 0.8
url:	http://developer.apple.com/documentation/quicktime/qtff/index.html	Trust: 0.8
url:	http://developer.apple.com/documentation/quicktime/qtff/qtffchap2/chapter_3_section_2.html	Trust: 0.8
url:	http://secway.org/advisory/ad20070306.txt	Trust: 0.8
url:	http://secway.org/advisory/ad20060512.txt	Trust: 0.8
url:	http://www.zerodayinitiative.com/advisories/zdi-07-010.html	Trust: 0.8
url:	http://www.securityfocus.com/bid/22844	Trust: 0.8
url:	http://en.wikipedia.org/wiki/pict	Trust: 0.8
url:	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=486	Trust: 0.8
url:	http://www.reversemode.com/index.php?option=com_remository&itemid=2&func=fileinfo&id=46	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0716	Trust: 0.8
url:	http://jvn.jp/cert/jvnta07-065a/index.html	Trust: 0.8
url:	http://jvn.jp/tr/trta07-065a/index.html	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0716	Trust: 0.8
url:	http://www.us-cert.gov/cas/alerts/sa07-065a.html	Trust: 0.8
url:	http://www.cyberpolice.go.jp/important/2007/20070306_153534.html	Trust: 0.8
url:	http://www.apple.com/quicktime/	Trust: 0.3
url:	msg://bugtraq/45ec9719.10206@idefense.com	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/313225	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/410993	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/448745	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/568689	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/822481	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/861817	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/880561	Trust: 0.3

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // VULHUB: VHN-24078 // BID: 22827 // JVNDB: JVNDB-2007-000196 // CNNVD: CNNVD-200703-176 // NVD: CVE-2007-0716

CREDITS

JJ Reyes Mike Price iotr Bania Artur Ogloza Piotr Bania※ bania.piotr@gmail.com※Sowhat※ smaillist@gmail.com※http://www.zerodayinitiative.com/

Trust: 0.6

sources: CNNVD: CNNVD-200703-176

SOURCES

db:	CERT/CC	id:	VU#568689
db:	CERT/CC	id:	VU#880561
db:	CERT/CC	id:	VU#822481
db:	CERT/CC	id:	VU#861817
db:	CERT/CC	id:	VU#448745
db:	CERT/CC	id:	VU#313225
db:	CERT/CC	id:	VU#410993
db:	CERT/CC	id:	VU#642433
db:	VULHUB	id:	VHN-24078
db:	BID	id:	22827
db:	JVNDB	id:	JVNDB-2007-000196
db:	CNNVD	id:	CNNVD-200703-176
db:	NVD	id:	CVE-2007-0716

LAST UPDATE DATE

2025-04-30T01:52:12.493000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#568689	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#880561	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#822481	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#861817	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#448745	date:	2007-03-09T00:00:00
db:	CERT/CC	id:	VU#313225	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#410993	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#642433	date:	2007-03-19T00:00:00
db:	VULHUB	id:	VHN-24078	date:	2017-07-29T00:00:00
db:	BID	id:	22827	date:	2007-03-06T21:05:00
db:	JVNDB	id:	JVNDB-2007-000196	date:	2007-04-19T00:00:00
db:	CNNVD	id:	CNNVD-200703-176	date:	2007-06-27T00:00:00
db:	NVD	id:	CVE-2007-0716	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#568689	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#880561	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#822481	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#861817	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#448745	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#313225	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#410993	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#642433	date:	2007-03-06T00:00:00
db:	VULHUB	id:	VHN-24078	date:	2007-03-05T00:00:00
db:	BID	id:	22827	date:	2007-03-05T00:00:00
db:	JVNDB	id:	JVNDB-2007-000196	date:	2007-04-19T00:00:00
db:	CNNVD	id:	CNNVD-200703-176	date:	2007-03-05T00:00:00
db:	NVD	id:	CVE-2007-0716	date:	2007-03-05T22:19:00