CVE-2007-6166
7.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.97 High
EPSS
Percentile
99.7%
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
References
docs.info.apple.com/article.html?artnum=307176
lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html
secunia.com/advisories/27755
secunia.com/advisories/29182
security.gentoo.org/glsa/glsa-200803-08.xml
securityreason.com/securityalert/3410
www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_control
www.kb.cert.org/vuls/id/659761
www.securityfocus.com/bid/26549
www.securityfocus.com/bid/26560
www.securitytracker.com/id?1018989
www.us-cert.gov/cas/techalerts/TA07-334A.html
www.vupen.com/english/advisories/2007/3984
exchange.xforce.ibmcloud.com/vulnerabilities/38604
www.exploit-db.com/exploits/4648
www.exploit-db.com/exploits/6013
Related
7.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.97 High
EPSS
Percentile
99.7%