CVE-2007-0717

2007-03-0522:19:00

mitre

web.nvd.nist.gov

apple

quicktime

7.1.5

integer overflow

remote attackers

denial of service

arbitrary code

qtif file

cve-2007-0717

nvd

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.071

Percentile

94.0%

JSON

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.

Affected configurations

Nvd

Node

applequicktimeMatch7.0

applequicktimeMatch7.0.1

applequicktimeMatch7.0.2

applequicktimeMatch7.0.3

applequicktimeMatch7.0.4

applequicktimeMatch7.1

applequicktimeMatch7.1.1

applequicktimeMatch7.1.2

applequicktimeMatch7.1.3

applequicktimeMatch7.1.4

VendorProductVersionCPE
applequicktime7.0.3cpe:/a:apple:quicktime:7.0.3:::
applequicktime7.0cpe:/a:apple:quicktime:7.0:::
applequicktime7.0.2cpe:/a:apple:quicktime:7.0.2:::
applequicktime7.1cpe:/a:apple:quicktime:7.1:::
applequicktime7.0.1cpe:/a:apple:quicktime:7.0.1:::
applequicktime7.1.3cpe:/a:apple:quicktime:7.1.3:::
applequicktime7.1.4cpe:/a:apple:quicktime:7.1.4:::
applequicktime7.1.2cpe:/a:apple:quicktime:7.1.2:::
applequicktime7.1.1cpe:/a:apple:quicktime:7.1.1:::
applequicktime7.0.4cpe:/a:apple:quicktime:7.0.4:::

Vendor	Product	Version	CPE
apple	quicktime	7.0.3	cpe:/a:apple:quicktime:7.0.3:::
apple	quicktime	7.0	cpe:/a:apple:quicktime:7.0:::
apple	quicktime	7.0.2	cpe:/a:apple:quicktime:7.0.2:::
apple	quicktime	7.1	cpe:/a:apple:quicktime:7.1:::
apple	quicktime	7.0.1	cpe:/a:apple:quicktime:7.0.1:::
apple	quicktime	7.1.3	cpe:/a:apple:quicktime:7.1.3:::
apple	quicktime	7.1.4	cpe:/a:apple:quicktime:7.1.4:::
apple	quicktime	7.1.2	cpe:/a:apple:quicktime:7.1.2:::
apple	quicktime	7.1.1	cpe:/a:apple:quicktime:7.1.1:::
apple	quicktime	7.0.4	cpe:/a:apple:quicktime:7.0.4:::