9.3
CVE-2007-2394
- EPSS 12.14%
- Veröffentlicht 15.07.2007 21:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 12.14% | 0.956 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://docs.info.apple.com/article.html?artnum=305947
http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html
http://secunia.com/advisories/26034
http://www.securitytracker.com/id?1018373
http://www.us-cert.gov/cas/techalerts/TA07-193A.html
http://www.vupen.com/english/advisories/2007/2510
http://www.securityfocus.com/bid/24873
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556
http://osvdb.org/36134
http://www.securityfocus.com/archive/1/473882/100/100/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/35357