CVE Vulnerabilities

CVE-2007-0714

Published: Mar 05, 2007 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.

Affected Software

Name Vendor Start Version End Version
Quicktime Apple * 7.1.4 (including)
Quicktime Apple 3.0 (including) 3.0 (including)
Quicktime Apple 4.1.2 (including) 4.1.2 (including)
Quicktime Apple 5.0.1 (including) 5.0.1 (including)
Quicktime Apple 5.0.2 (including) 5.0.2 (including)
Quicktime Apple 6.0 (including) 6.0 (including)
Quicktime Apple 6.0.0 (including) 6.0.0 (including)
Quicktime Apple 6.0.1 (including) 6.0.1 (including)
Quicktime Apple 6.0.2 (including) 6.0.2 (including)
Quicktime Apple 6.1.0 (including) 6.1.0 (including)
Quicktime Apple 6.1.1 (including) 6.1.1 (including)
Quicktime Apple 6.2.0 (including) 6.2.0 (including)
Quicktime Apple 6.3.0 (including) 6.3.0 (including)
Quicktime Apple 6.4.0 (including) 6.4.0 (including)
Quicktime Apple 6.5.0 (including) 6.5.0 (including)
Quicktime Apple 6.5.1 (including) 6.5.1 (including)
Quicktime Apple 6.5.2 (including) 6.5.2 (including)
Quicktime Apple 7.0 (including) 7.0 (including)
Quicktime Apple 7.0.0 (including) 7.0.0 (including)
Quicktime Apple 7.0.1 (including) 7.0.1 (including)
Quicktime Apple 7.0.2 (including) 7.0.2 (including)
Quicktime Apple 7.0.3 (including) 7.0.3 (including)
Quicktime Apple 7.0.4 (including) 7.0.4 (including)
Quicktime Apple 7.1.0 (including) 7.1.0 (including)
Quicktime Apple 7.1.1 (including) 7.1.1 (including)
Quicktime Apple 7.1.2 (including) 7.1.2 (including)
Quicktime Apple 7.1.3 (including) 7.1.3 (including)

References