|
|
CVE Reference: CVE-2007-4675 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4675 |
|
|
Description: Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama sample atom. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/38282 ST 1018894 SAID Secunia Advisory: SA27523 OSVDB 38545 MISC http://www.48bits.com/advisories/qt_pdat_heapbof.pdf http://blog.48bits.com/?p=176 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=620 CONFIRM http://docs.info.apple.com/article.html?artnum=306896 CERT http://www.us-cert.gov/cas/techalerts/TA07-310A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/483564/100/0/threaded BID 26342 APPLE http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html |
|
| Return to the previous page. |
