Details of VAR-200712-0422

ID

VAR-200712-0422

CVE

CVE-2007-4706

TITLE

Apple QuickTime Rogue QTL File reference heap overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2007-001037

DESCRIPTION

Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file. An attacker can exploit this issue by enticing an unsuspecting user to open a specially crafted QTL file. Failed exploit attempts likely result in denial-of-service conditions. This issue affects Apple QuickTime running on Microsoft Windows Vista, Microsoft Windows XP SP2, and Mac OS X. The software is capable of handling multiple sources such as digital video, media segments, and more. ---------------------------------------------------------------------- 2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published How do you know which Secunia advisories are important to you? The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA28092 VERIFY ADVISORY: http://secunia.com/advisories/28092/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. Successful exploitation may allow execution of arbitrary code. 2) Various unspecified errors exist in QuickTime's Flash media handler, which can be exploited to execute arbitrary code. The vulnerabilities are reported in Apple QuickTime prior to version 7.3.1. SOLUTION: Update to Apple QuickTime version 7.3.1. QuickTime 7.3.1 for Panther: http://www.apple.com/support/downloads/quicktime731forpanther.html QuickTime 7.3.1 for Tiger: http://www.apple.com/support/downloads/quicktime731fortiger.html QuickTime 7.3.1 for Leopard: http://www.apple.com/support/downloads/quicktime731forleopard.html QuickTime 7.3.1 for Windows: http://www.apple.com/support/downloads/quicktime731forwindows.html PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits: * Tom Ferris, Adobe Secure Software Engineering Team (ASSET) * Mike Price of McAfee Avert Labs * Lionel d'Hauenens and Brian Mariani of Syseclabs ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=307176 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-4706 // JVNDB: JVNDB-2007-001037 // BID: 26868 // VULHUB: VHN-28068 // PACKETSTORM: 61840

AFFECTED PRODUCTS

vendor:	apple	model:	quicktime	scope:	lte	version:	7.3	Trust: 1.0
vendor:	apple	model:	quicktime	scope:	lte	version:	7.3.0	Trust: 0.8
vendor:	apple	model:	quicktime	scope:	eq	version:	7.3	Trust: 0.6
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.6	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.5	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.3	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	ne	version:	7.3.1	Trust: 0.3

sources: BID: 26868 // JVNDB: JVNDB-2007-001037 // CNNVD: CNNVD-200712-383 // NVD: CVE-2007-4706

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-4706
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-4706
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200712-383
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-28068
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-4706
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-28068
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-28068 // JVNDB: JVNDB-2007-001037 // CNNVD: CNNVD-200712-383 // NVD: CVE-2007-4706

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-28068 // JVNDB: JVNDB-2007-001037 // NVD: CVE-2007-4706

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200712-383

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200712-383

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-001037

PATCH

title:	QuickTime 7.3.1	url:	http://docs.info.apple.com/article.html?artnum=307176-en	Trust: 0.8
title:	QuickTime 7.3.1	url:	http://docs.info.apple.com/article.html?artnum=307176-ja	Trust: 0.8

sources: JVNDB: JVNDB-2007-001037

EXTERNAL IDS

db:	NVD	id:	CVE-2007-4706	Trust: 2.8
db:	BID	id:	26868	Trust: 2.8
db:	SECUNIA	id:	28092	Trust: 2.6
db:	SECTRACK	id:	1019099	Trust: 2.5
db:	VUPEN	id:	ADV-2007-4217	Trust: 1.7
db:	OSVDB	id:	40883	Trust: 1.7
db:	XF	id:	39029	Trust: 1.4
db:	JVNDB	id:	JVNDB-2007-001037	Trust: 0.8
db:	CNNVD	id:	CNNVD-200712-383	Trust: 0.6
db:	VULHUB	id:	VHN-28068	Trust: 0.1
db:	PACKETSTORM	id:	61840	Trust: 0.1

sources: VULHUB: VHN-28068 // BID: 26868 // JVNDB: JVNDB-2007-001037 // PACKETSTORM: 61840 // CNNVD: CNNVD-200712-383 // NVD: CVE-2007-4706

REFERENCES

url:	http://www.securityfocus.com/bid/26868	Trust: 2.5
url:	http://www.securitytracker.com/id?1019099	Trust: 2.5
url:	http://secunia.com/advisories/28092	Trust: 2.5
url:	http://docs.info.apple.com/article.html?artnum=307176	Trust: 1.8
url:	http://lists.apple.com/archives/security-announce/2007/dec/msg00000.html	Trust: 1.7
url:	http://osvdb.org/40883	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/4217	Trust: 1.7
url:	http://xforce.iss.net/xforce/xfdb/39029	Trust: 1.4
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/39029	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4706	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2007/4217	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4706	Trust: 0.8
url:	http://www.apple.com/quicktime/	Trust: 0.3
url:	http://www.apple.com/swupdates/	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/5090/	Trust: 0.1
url:	http://www.apple.com/support/downloads/quicktime731forpanther.html	Trust: 0.1
url:	http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv	Trust: 0.1
url:	http://secunia.com/advisories/28092/	Trust: 0.1
url:	http://www.apple.com/support/downloads/quicktime731forleopard.html	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://www.apple.com/support/downloads/quicktime731forwindows.html	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://www.apple.com/support/downloads/quicktime731fortiger.html	Trust: 0.1

sources: VULHUB: VHN-28068 // BID: 26868 // JVNDB: JVNDB-2007-001037 // PACKETSTORM: 61840 // CNNVD: CNNVD-200712-383 // NVD: CVE-2007-4706

CREDITS

The vendor disclosed this vulnerability.

Trust: 0.3

sources: BID: 26868

SOURCES

db:	VULHUB	id:	VHN-28068
db:	BID	id:	26868
db:	JVNDB	id:	JVNDB-2007-001037
db:	PACKETSTORM	id:	61840
db:	CNNVD	id:	CNNVD-200712-383
db:	NVD	id:	CVE-2007-4706

LAST UPDATE DATE

2025-04-10T21:43:47.029000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-28068	date:	2017-07-29T00:00:00
db:	BID	id:	26868	date:	2007-12-14T19:02:00
db:	JVNDB	id:	JVNDB-2007-001037	date:	2007-12-28T00:00:00
db:	CNNVD	id:	CNNVD-200712-383	date:	2015-12-18T00:00:00
db:	NVD	id:	CVE-2007-4706	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-28068	date:	2007-12-15T00:00:00
db:	BID	id:	26868	date:	2007-12-13T00:00:00
db:	JVNDB	id:	JVNDB-2007-001037	date:	2007-12-28T00:00:00
db:	PACKETSTORM	id:	61840	date:	2007-12-18T00:56:59
db:	CNNVD	id:	CNNVD-200712-383	date:	2007-12-17T00:00:00
db:	NVD	id:	CVE-2007-4706	date:	2007-12-15T01:46:00