Lucene search

MitreCVE-2007-4706

HistoryDec 15, 2007 - 1:46 a.m.

CVE-2007-4706

2007-12-1501:46:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-4706

apple quicktime

buffer overflow

remote code execution

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.107

Percentile

95.2%

JSON

Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.

Affected configurations

Nvd

Node

applequicktimeRange≤7.3

VendorProductVersionCPE
applequicktime*cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	quicktime	*	cpe:2.3:a:apple:quicktime::::::::

References

docs.info.apple.com/article.html?artnum=307176

lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html

osvdb.org/40883

secunia.com/advisories/28092

www.securityfocus.com/bid/26868

www.securitytracker.com/id?1019099

www.vupen.com/english/advisories/2007/4217

exchange.xforce.ibmcloud.com/vulnerabilities/39029

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.107

Percentile

95.2%

JSON

Related for CVE-2007-4706