Sign-up

ID

VAR-200712-0423


CVE

CVE-2007-4707


TITLE

Apple QuickTime of FLASH Multiple vulnerabilities in media processing

Trust: 0.8

sources: JVNDB: JVNDB-2007-001039

DESCRIPTION

Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie. The most serious issue will allow remote attackers to execute code. The remote-code execution issues involve processing '.swf' files. The 'Quicktime.qts' module uses the 'BitMapFormat' attribute of the 'Parser' object without validating its contents. An attacker can exploit some of these issues to execute arbitrary code with the privileges of the user running the affected application. The impact of the other issues has not been specified. These issues affect versions prior to QuickTime 7.3.1 for these platforms: Mac OS X v10.3.9 Mac OS X v10.4.9 or later Mac OS X v10.5 or later Microsoft Windows Vista Microsoft Windows XP SP2. ---------------------------------------------------------------------- 2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published How do you know which Secunia advisories are important to you? The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA28092 VERIFY ADVISORY: http://secunia.com/advisories/28092/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. 1) A boundary error in the handling of QTL files can be exploited to cause a heap-based buffer overflow when a user views a specially crafted QTL file. SOLUTION: Update to Apple QuickTime version 7.3.1. QuickTime 7.3.1 for Panther: http://www.apple.com/support/downloads/quicktime731forpanther.html QuickTime 7.3.1 for Tiger: http://www.apple.com/support/downloads/quicktime731fortiger.html QuickTime 7.3.1 for Leopard: http://www.apple.com/support/downloads/quicktime731forleopard.html QuickTime 7.3.1 for Windows: http://www.apple.com/support/downloads/quicktime731forwindows.html PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits: * Tom Ferris, Adobe Secure Software Engineering Team (ASSET) * Mike Price of McAfee Avert Labs * Lionel d'Hauenens and Brian Mariani of Syseclabs ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=307176 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-4707 // JVNDB: JVNDB-2007-001039 // BID: 26866 // VULHUB: VHN-28069 // PACKETSTORM: 61840

AFFECTED PRODUCTS

vendor:applemodel:quicktimescope:lteversion:7.3

Trust: 1.0

vendor:applemodel:quicktimescope:lteversion:7.3.0

Trust: 0.8

vendor:applemodel:quicktime playerscope:eqversion:7.1.6

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.5

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.4

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.3

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.3

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:neversion:7.3.1

Trust: 0.3

sources: BID: 26866 // JVNDB: JVNDB-2007-001039 // NVD: CVE-2007-4707

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-4707
value: HIGH

Trust: 1.0

NVD: CVE-2007-4707
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200712-413
value: MEDIUM

Trust: 0.6

VULHUB: VHN-28069
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-4707
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-28069
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28069 // JVNDB: JVNDB-2007-001039 // CNNVD: CNNVD-200712-413 // NVD: CVE-2007-4707

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-28069 // JVNDB: JVNDB-2007-001039 // NVD: CVE-2007-4707

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200712-413

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-200712-413

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-001039

PATCH
title:QuickTime 7.3.1url:http://docs.info.apple.com/article.html?artnum=307176-en
Trust: 0.8
title:QuickTime 7.3.1url:http://docs.info.apple.com/article.html?artnum=307176-ja
Trust: 0.8
title:Apple QuickTime Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=175105
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2007-001039 // 
            
            
            
            CNNVD: CNNVD-200712-413

EXTERNAL IDS
db:NVDid:CVE-2007-4707
Trust: 2.8
db:SECUNIAid:28092
Trust: 2.6
db:SECTRACKid:1019099
Trust: 2.5
db:BIDid:26866
Trust: 2.0
db:VUPENid:ADV-2007-4217
Trust: 1.7
db:XFid:39030
Trust: 1.4
db:BIDid:26868
Trust: 0.8
db:JVNDBid:JVNDB-2007-001039
Trust: 0.8
db:APPLEid:APPLE-SA-2007-12-13
Trust: 0.6
db:CNNVDid:CNNVD-200712-413
Trust: 0.6
db:VULHUBid:VHN-28069
Trust: 0.1
db:PACKETSTORMid:61840
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28069 // 
            
            
            
            BID: 26866 // 
            
            
            
            JVNDB: JVNDB-2007-001039 // 
            
            
            
            PACKETSTORM: 61840 // 
            
            
            
            CNNVD: CNNVD-200712-413 // 
            
            
            
            NVD: CVE-2007-4707

REFERENCES
url:http://www.securitytracker.com/id?1019099
Trust: 2.5
url:http://secunia.com/advisories/28092
Trust: 2.5
url:http://docs.info.apple.com/article.html?artnum=307176
Trust: 1.8
url:http://lists.apple.com/archives/security-announce/2007/dec/msg00000.html
Trust: 1.7
url:http://www.securityfocus.com/bid/26866
Trust: 1.7
url:http://www.vupen.com/english/advisories/2007/4217
Trust: 1.7
url:http://xforce.iss.net/xforce/xfdb/39030
Trust: 1.4
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/39030
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4707
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2007/4217
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-4707
Trust: 0.8
url:http://www.securityfocus.com/bid/26868
Trust: 0.8
url:http://www.apple.com/quicktime/
Trust: 0.3
url:http://www.syseclabs.com/advisories/english_advisory_quicktimeplayer_v73_arbitrary_pointer_dereference_swf.pdf
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/5090/
Trust: 0.1
url:http://www.apple.com/support/downloads/quicktime731forpanther.html
Trust: 0.1
url:http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
Trust: 0.1
url:http://secunia.com/advisories/28092/
Trust: 0.1
url:http://www.apple.com/support/downloads/quicktime731forleopard.html
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://www.apple.com/support/downloads/quicktime731forwindows.html
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://www.apple.com/support/downloads/quicktime731fortiger.html
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28069 // 
            
            
            
            BID: 26866 // 
            
            
            
            JVNDB: JVNDB-2007-001039 // 
            
            
            
            PACKETSTORM: 61840 // 
            
            
            
            CNNVD: CNNVD-200712-413 // 
            
            
            
            NVD: CVE-2007-4707

CREDITS
Tom Ferris of Adobe Secure Software Engineering Team (ASSET), Mike Price of McAfee Avert Labs, Lionel d'Hauenens and Brian Mariani of Syseclabs are credited with the discovery of these vulnerabilities.
Trust: 0.3
sources:
            
            
            BID: 26866

SOURCES
db:VULHUBid:VHN-28069
db:BIDid:26866
db:JVNDBid:JVNDB-2007-001039
db:PACKETSTORMid:61840
db:CNNVDid:CNNVD-200712-413
db:NVDid:CVE-2007-4707

LAST UPDATE DATE
2025-04-10T19:32:53.067000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-28069date:2017-07-29T00:00:00
db:BIDid:26866date:2007-12-18T02:51:00
db:JVNDBid:JVNDB-2007-001039date:2007-12-28T00:00:00
db:CNNVDid:CNNVD-200712-413date:2021-12-20T00:00:00
db:NVDid:CVE-2007-4707date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-28069date:2007-12-15T00:00:00
db:BIDid:26866date:2007-12-13T00:00:00
db:JVNDBid:JVNDB-2007-001039date:2007-12-28T00:00:00
db:PACKETSTORMid:61840date:2007-12-18T00:56:59
db:CNNVDid:CNNVD-200712-413date:2007-12-14T00:00:00
db:NVDid:CVE-2007-4707date:2007-12-15T01:46:00