PT-2007-3727 · Apple · Mac OS X

David Vaartjes · Published 2007-07-15 · Updated 2018-10-30 · CVE-2007-2394

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Apple QuickTime versions prior to 7.2 on Mac OS X 10.3.9 and 10.4.9

Description

The issue allows user-assisted remote attackers to execute arbitrary code via crafted title and author fields in an SMIL file. This is related to improper calculations for memory allocation, specifically an integer overflow.

Recommendations

For Apple QuickTime versions prior to 7.2 on Mac OS X 10.3.9 and 10.4.9, update to version 7.2 or later to resolve the issue.

Exploit

Fix


Related Identifiers

CVE-2007-2394

Affected Products

Apple QuickTime
Mac OS X