cbcvebase.
CVE-2007-4676
published 2007-11-07

CVE-2007-4676: Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type…

PriorityP355critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
46.66%
98.7th percentile
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.

Affected

3 ranges
VendorProductVersion rangeFixed in
applemac_os_x
applemac_os_x
applemac_os_x
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.