Description
Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.
Exploits (1)
References (15)
Core References
- Third Party Advisory (third-party-advisory, x_refsource_sreason): http://securityreason.com/securityalert/1631
- US Government Resource (third-party-advisory, x_refsource_cert-vn): http://www.kb.cert.org/vuls/id/751808
- Vendor Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/27414
- Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/479179/100/0/threaded
- Third Party Advisory, VDB Entry (vdb-entry, x_refsource_sectrack): http://www.securitytracker.com/id?1018687
- Exploit (x_refsource_misc): http://www.gnucitizen.org/blog/backdooring-mp3-files/
- Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/453756/100/0/threaded
- Mailing List (vendor-advisory, x_refsource_apple): http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html
- Third Party Advisory (vdb-entry, x_refsource_vupen): http://www.vupen.com/english/advisories/2007/3155
- Exploit (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/20138
- Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/446750/100/0/threaded
- Vendor Advisory (x_refsource_confirm): http://docs.info.apple.com/article.html?artnum=305149
- Various Sources (x_refsource_misc): http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox
- Exploit, Vendor Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/22048
- Various Sources (x_refsource_misc): http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up
Scores
EPSS: 0.0911
EPSS Percentile: 92.7%
Details
CWE: CWE-94
Status: published
Products (1): apple/quicktime 7.1.3
Published: Sep 25, 2006
Tracked Since: Feb 18, 2026