Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4673

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-4673
Last Modified 15 Nov 2008 01:58:02
Published 04 Oct 2007 07:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4673

Summary

Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045.

Vulnerable Systems

Application

  • Apple Quicktime 7.2


References

BID - 25913

OSVDB - 40434

APPLE - APPLE-SA-2007-10-03

CONFIRM - http://docs.info.apple.com/article.html?artnum=306560

XF - quicktime-qtl-code-execution(36937)


Last Updated: 27 May 2016 10:45:56