Published: 07/11/2007 Updated: 26/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in Apple QuickTime prior to 7.3 allows remote malicious users to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows_vista -
microsoft windows_xp -
apple mac_os_x 10.4.10
apple mac_os_x 10.3.9
apple mac_os_x 10.5

CWE-119 http://www.zerodayinitiative.com/advisories/ZDI-07-066.html http://www.zerodayinitiative.com/advisories/ZDI-07-067.html http://docs.info.apple.com/article.html?artnum=306896 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html http://www.securitytracker.com/id?1018894 http://secunia.com/advisories/27523 http://www.us-cert.gov/cas/techalerts/TA07-310A.html http://www.kb.cert.org/vuls/id/690515 http://www.securityfocus.com/bid/26345 http://securityreason.com/securityalert/3351 http://osvdb.org/38546 http://www.vupen.com/english/advisories/2007/3723 https://exchange.xforce.ibmcloud.com/vulnerabilities/38281 https://exchange.xforce.ibmcloud.com/vulnerabilities/38280 http://www.securityfocus.com/archive/1/483313/100/0/threaded http://www.securityfocus.com/archive/1/483311/100/0/threaded https://nvd.nist.gov https://www.kb.cert.org/vuls/id/690515

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-4676

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect