CVE-2007-4674 - Vulnerability Details - OpenCVE

An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Quicktime

Configuration 1 [-]

OR	cpe:2.3:a:apple:quicktime:7.2::_mac_os_x_v10.3.9:::::
	cpe:2.3:a:apple:quicktime:7.2::_mac_os_x_v10.4.9:::::
	cpe:2.3:a:apple:quicktime:7.2::_mac_os_x_v10.5:::::
	cpe:2.3:a:apple:quicktime:7.2::windows_vista:::::
	cpe:2.3:a:apple:quicktime:7.2::windows_xp_sp2:::::

No data.

References

Link	Providers
http://docs.info.apple.com/article.html?artnum=306896
http://dvlabs.tippingpoint.com/advisory/TPTI-07-20
http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html
http://osvdb.org/43716
http://secunia.com/advisories/29182
http://secunia.com/advisories/32121
http://security.gentoo.org/glsa/glsa-200803-08.xml
http://support.apple.com/kb/HT3189
http://www.securityfocus.com/archive/1/483717/100/100/threaded
http://www.securityfocus.com/bid/26443
http://www.vupen.com/english/advisories/2008/2735

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-27T20:00:00

Updated: 2024-08-07T15:01:10.078Z

Reserved: 2007-09-05T00:00:00

Link: CVE-2007-4674

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-11-27T20:46:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4674

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-05T00:00:00", "descriptions": [{"lang": "en", "value": "An \"integer arithmetic\" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "APPLE-SA-2008-10-02", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html"}, {"name": "ADV-2008-2735", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2735"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3189"}, {"name": "20071114 TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483717/100/100/threaded"}, {"name": "43716", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/43716"}, {"name": "GLSA-200803-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"}, {"name": "32121", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32121"}, {"name": "26443", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26443"}, {"tags": ["x_refsource_MISC"], "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-20"}, {"name": "29182", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29182"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4674", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An \"integer arithmetic\" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2008-10-02", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html"}, {"name": "ADV-2008-2735", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2735"}, {"name": "http://docs.info.apple.com/article.html?artnum=306896", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"name": "http://support.apple.com/kb/HT3189", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3189"}, {"name": "20071114 TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483717/100/100/threaded"}, {"name": "43716", "refsource": "OSVDB", "url": "http://osvdb.org/43716"}, {"name": "GLSA-200803-08", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"}, {"name": "32121", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32121"}, {"name": "26443", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26443"}, {"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-20", "refsource": "MISC", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-20"}, {"name": "29182", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29182"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:01:10.078Z"}, "title": "CVE Program Container", "references": [{"name": "APPLE-SA-2008-10-02", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html"}, {"name": "ADV-2008-2735", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2735"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3189"}, {"name": "20071114 TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483717/100/100/threaded"}, {"name": "43716", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/43716"}, {"name": "GLSA-200803-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"}, {"name": "32121", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32121"}, {"name": "26443", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26443"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-20"}, {"name": "29182", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29182"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4674", "datePublished": "2007-11-27T20:00:00", "dateReserved": "2007-09-05T00:00:00", "dateUpdated": "2024-08-07T15:01:10.078Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:_mac_os_x_v10.3.9:*:*:*:*:*", "matchCriteriaId": "621A609C-2787-4C2B-ABD1-D43486FAEC3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:_mac_os_x_v10.4.9:*:*:*:*:*", "matchCriteriaId": "B3C36FAE-5FC5-4E98-BADE-776090E367BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:_mac_os_x_v10.5:*:*:*:*:*", "matchCriteriaId": "510F6CCA-4141-4FBE-96B5-72B8D9FD9669", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:windows_vista:*:*:*:*:*", "matchCriteriaId": "92C765C2-0709-4343-B474-35629729C875", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:quicktime:7.2:*:windows_xp_sp2:*:*:*:*:*", "matchCriteriaId": "33CC9D0A-24CA-413D-B4AC-766A79F4B5AE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An \"integer arithmetic\" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow."}, {"lang": "es", "value": "Un error de \"aritm\u00e9tica de enteros\" en Apple QuickTime 7.2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo de pel\u00edcula manipulado que contiene un \u00e1tomo de pel\u00edcula (atom movie) con un valor de tama\u00f1o grande, lo cual dispara un desbordamiento de b\u00fafer basado en pila."}], "id": "CVE-2007-4674", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-11-27T20:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"source": "cve@mitre.org", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-20"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/43716"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29182"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32121"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"}, {"source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3189"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/483717/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26443"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2735"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-20"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/43716"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29182"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/32121"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200803-08.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3189"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/483717/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26443"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2735"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}