CVE-2007-2296Apple Quicktime vulnerability

CWE-1893 documents3 sources
Severity
9.3CRITICALNVD
EPSS
28.6%
top 3.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Quicktime
Timeline
PublishedApr 26
Latest updateMay 1

Description

Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapple/quicktime6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-4wv3-vrp8-r748: Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 72022-05-01
CVEList
CVE-2007-2296: Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 72007-04-26
CVE-2007-2296 — Apple Quicktime vulnerability | cvebase