CVE-2007-2394

Apple Quicktime <7.2 - RCE

Title source: llm

Description

Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.

Exploits (2)

exploitdb WORKING POC VERIFIED
by David Vaartjes · text · dos · multiple
https://www.exploit-db.com/exploits/4359
exploitdb WORKING POC VERIFIED
by Wolf · perl · remote · multiple
https://www.exploit-db.com/exploits/30292

Scores

EPSS 0.4333
EPSS Percentile 97.5%

Details

Status published
Products (12)
apple/quicktime
apple/quicktime 7.0
apple/quicktime 7.0.1
apple/quicktime 7.0.2
apple/quicktime 7.0.3
apple/quicktime 7.0.4
apple/quicktime 7.1
apple/quicktime 7.1.1
apple/quicktime 7.1.2
apple/quicktime 7.1.3
... and 2 more
Published Jul 15, 2007
Tracked Since Feb 18, 2026