CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.7%
Added: 11/30/2007
CVE: CVE-2007-6166
BID: 26549
OSVDB: 40876
QuickTime is a media player for Windows and Mac OS platforms.
A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header.
Upgrade to a version higher than 7.3 when available.
<http://www.kb.cert.org/vuls/id/659761>
Exploit works on QuickTime 7.3 on Windows and QuickTime 7.1.3 on Mac OS 10.4.8 and requires a user to open the exploit in QuickTime.
Windows
Mac OS X