CVE-2007-2392Out-of-bounds Write in Apple Quicktime

3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
6.1%
top 9.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Quicktime
Timeline
PublishedJul 15
Latest updateMay 1

Description

Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapple/quicktime11 versions+10

Patches

Patch: docs.info.apple.comPatch: lists.apple.comPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-rv66-f66p-9v9q: Apple Quicktime before 72022-05-01
CVEList
CVE-2007-2392: Apple Quicktime before 72007-07-15
CVE-2007-2392 — Out-of-bounds Write in Apple Quicktime | cvebase