cvelistv5 - cve-2007-2394

CVE-2007-2394 (GCVE-0-2007-2394)

Vulnerability from cvelistv5

Published

2007-07-15 21:00

Modified

2024-08-07 13:33

Severity ?

CWE

Summary

Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.

References

URL

Tags

	http://secunia.com/advisories/26034	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/35357	vdb-entry, x_refsource_XF
	http://www.securitytracker.com/id?1018373	vdb-entry, x_refsource_SECTRACK
	http://www.us-cert.gov/cas/techalerts/TA07-193A.html	third-party-advisory, x_refsource_CERT
	http://www.vupen.com/english/advisories/2007/2510	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/24873	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/473882/100/100/threaded	mailing-list, x_refsource_BUGTRAQ
	http://docs.info.apple.com/article.html?artnum=305947	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://osvdb.org/36134	vdb-entry, x_refsource_OSVDB
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556	third-party-advisory, x_refsource_IDEFENSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:33:28.635Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26034"
          },
          {
            "name": "quicktime-smil-overflow(35357)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35357"
          },
          {
            "name": "1018373",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018373"
          },
          {
            "name": "TA07-193A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
          },
          {
            "name": "ADV-2007-2510",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2510"
          },
          {
            "name": "24873",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24873"
          },
          {
            "name": "20070717 Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/473882/100/100/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=305947"
          },
          {
            "name": "APPLE-SA-2007-07-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
          },
          {
            "name": "36134",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36134"
          },
          {
            "name": "20070711 Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26034"
        },
        {
          "name": "quicktime-smil-overflow(35357)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35357"
        },
        {
          "name": "1018373",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018373"
        },
        {
          "name": "TA07-193A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
        },
        {
          "name": "ADV-2007-2510",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2510"
        },
        {
          "name": "24873",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24873"
        },
        {
          "name": "20070717 Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/473882/100/100/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=305947"
        },
        {
          "name": "APPLE-SA-2007-07-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
        },
        {
          "name": "36134",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36134"
        },
        {
          "name": "20070711 Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2394",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26034",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26034"
            },
            {
              "name": "quicktime-smil-overflow(35357)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35357"
            },
            {
              "name": "1018373",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018373"
            },
            {
              "name": "TA07-193A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
            },
            {
              "name": "ADV-2007-2510",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2510"
            },
            {
              "name": "24873",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24873"
            },
            {
              "name": "20070717 Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/473882/100/100/threaded"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305947",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=305947"
            },
            {
              "name": "APPLE-SA-2007-07-11",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
            },
            {
              "name": "36134",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36134"
            },
            {
              "name": "20070711 Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2394",
    "datePublished": "2007-07-15T21:00:00.000Z",
    "dateReserved": "2007-04-30T00:00:00.000Z",
    "dateUpdated": "2024-08-07T13:33:28.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-308

Vulnerability from certfr_avis

Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. L'exploitation de ces dernières peut entraîner un dysfonctionnement de l'application, voire l'exécution de code arbitraire à distance sur le système vulnérable.

Description

Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. Parmi celles-ci :

l'application ne manipulerait pas correctement les vidéos au format H.264. Ce problème peut ainsi provoquer une corruption de la mémoire.
l'application ne manipulerait pas correctement les fichiers au format .m4v. Ce problème peut ainsi provoquer un débordement d'entier.
l'application ne manipulerait pas correctement les fichiers au format SMIL. Ce problème peut ainsi provoquer un débordement d'entier.
les vérifications de sécurité (permissions) peuvent être contournées, dans QuickTime pour Java. L'exploitation de cette vulnérabilité, comme les précédentes, peut entraîner, sous certaines conditions, l'exécution de code arbitraire à distance sur le système vulnérable.

Solution

Se référer au bulletin de sécurité d'Apple pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	N/A	QuickTime 7.2 ainsi que les versions antérieures.

References

Title

Publication Time

Tags

Avis de sécurité Apple 305947 du 11 juillet 2007	None	vendor-advisory
Bulletin de sécurité iDefense du 11 juillet 2007 :	-	other
Bulletin de sécurité Apple du 11 juillet 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QuickTime 7.2 ainsi que les versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. Parmi celles-ci :\n\n-   l\u0027application ne manipulerait pas correctement les vid\u00e9os au format\n    H.264. Ce probl\u00e8me peut ainsi provoquer une corruption de la\n    m\u00e9moire.\n-   l\u0027application ne manipulerait pas correctement les fichiers au\n    format .m4v. Ce probl\u00e8me peut ainsi provoquer un d\u00e9bordement\n    d\u0027entier.\n-   l\u0027application ne manipulerait pas correctement les fichiers au\n    format SMIL. Ce probl\u00e8me peut ainsi provoquer un d\u00e9bordement\n    d\u0027entier.\n-   les v\u00e9rifications de s\u00e9curit\u00e9 (permissions) peuvent \u00eatre\n    contourn\u00e9es, dans QuickTime pour Java. L\u0027exploitation de cette\n    vuln\u00e9rabilit\u00e9, comme les pr\u00e9c\u00e9dentes, peut entra\u00eener, sous certaines\n    conditions, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me\n    vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 d\u0027Apple pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-2402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2402"
    },
    {
      "name": "CVE-2007-2394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2394"
    },
    {
      "name": "CVE-2007-2392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2392"
    },
    {
      "name": "CVE-2007-2397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2397"
    },
    {
      "name": "CVE-2007-2393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2393"
    },
    {
      "name": "CVE-2007-2396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2396"
    },
    {
      "name": "CVE-2007-2295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2295"
    },
    {
      "name": "CVE-2007-2296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2296"
    }
  ],
  "initial_release_date": "2007-07-12T00:00:00",
  "last_revision_date": "2007-07-12T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense du 11 juillet 2007 :",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 11 juillet 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=305947"
    }
  ],
  "reference": "CERTA-2007-AVI-308",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-07-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. L\u0027exploitation de ces derni\u00e8res peut entra\u00eener un\ndysfonctionnement de l\u0027application, voire l\u0027ex\u00e9cution de code arbitraire\n\u00e0 distance sur le syst\u00e8me vuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple QuickTime",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Apple 305947 du 11 juillet 2007",
      "url": null
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-2394 (GCVE-0-2007-2394)

Vulnerability from cvelistv5

CERTA-2007-AVI-308

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature