PT-2007-5831 · Apple · Quicktime Player+1

Published

2007-10-04

Updated

2017-07-29

CVE-2007-4673

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045.

Fix

RCE

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2007-4673

Affected Products

Quicktime Player

Apple Quicktime

PT-2007-5831 · Apple · Quicktime Player+1

CVE-2007-4673

Weakness Enumeration

Related Identifiers

Affected Products

References · 7