Apple QuickTime Information Disclosure and Multiple Code Execution Vulnerabilities

Bugtraq ID: 24873
Class: Input Validation Error
CVE: CVE-2007-2392
CVE-2007-2394
CVE-2007-2397
CVE-2007-2393
CVE-2007-2396
CVE-2007-2402
Remote: Yes
Local: No
Published: Jul 11 2007 12:00AM
Updated: Sep 05 2007 06:21PM
Credit: The vendor disclosed some of these issues. Some issues are credited to: Jonathan 'Wolf' Rentzsch of Red Shed Software (CVE-2007-2392) David Vaartjes of ITsec Security Services (CVE-2007-2394) Adam Gowdiak (CVE-2007-2397, CVE-2007-2393, CVE-2007-2396)
Vulnerable: Apple QuickTime Player 7.1.5
Apple QuickTime Player 7.1.4
Apple QuickTime Player 7.1.3
Apple QuickTime Player 7.1.2
Apple QuickTime Player 7.1.1
Apple QuickTime Player 7.0.4
Apple QuickTime Player 7.0.3
Apple QuickTime Player 7.0.2
Apple QuickTime Player 7.0.1
Apple QuickTime Player 7.0
Apple QuickTime Player 6.5.2
Apple QuickTime Player 6.5.1
Apple QuickTime Player 6.5
Apple QuickTime Player 6.1
Apple QuickTime Player 5.0.2
Apple QuickTime Player 7.1
Apple QuickTime Player 6
Not Vulnerable: Apple Quicktime 7.2


 

Privacy Statement
Copyright 2010, SecurityFocus