Lucene search
HistoryOct 04, 2007 - 11:17 p.m.
CVE-2007-4673
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.028
Percentile
90.8%
Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045.
Affected configurations
Node
applequicktimeMatch7.2windows_sp_2
ORapplequicktimeMatch7.2windows_vista
Related
prion
prion
Design/Logic Flaw
2007-10-04 23:17:00
Design/Logic Flaw
2007-09-24 00:17:00
cvelist
cvelist
cve
cve
checkpoint_advisories
checkpoint_advisories
Apple QuickTime Plug-In Security Bypass (CVE-2006-4965; CVE-2007-4673)
2009-10-15 00:00:00
redhatcve
redhatcve
CVE-2007-5045
2015-10-30 10:09:30
nvd
nvd
CVE-2007-5045
2007-09-24 00:17:00
CVE-2006-4965
2006-09-25 00:07:00
ubuntucve
ubuntucve
CVE-2007-5045
2007-09-24 00:00:00
nessus
nessus
cert
cert
Apple QuickTime remote command execution vulnerability
2007-09-13 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
SuSE Update for MozillaFirefox,mozilla,seamonkey SUSE-SA:2007:057
2009-01-28 00:00:00
exploitdb
exploitdb
Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution
2006-09-21 00:00:00
freebsd
freebsd
mozilla -- code execution via Quicktime media-link files
2007-09-18 00:00:00
mozilla
mozilla
Code execution via QuickTime Media-link files — Mozilla
2007-09-18 00:00:00
suse
suse
remote code execution in MozillaFirefox,mozilla,seamonkey
2007-10-25 18:13:14
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.028
Percentile
90.8%
Related for NVD:CVE-2007-4673