CVE-2007-4677 - OpenCVE

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Apple	Mac Os X Quicktime
Microsoft	Windows Xp Windows Vista

Configuration 1 [-]

AND

cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:mac_os_x:10.3.9:::::::*
	cpe:2.3:o:apple:mac_os_x:10.4.10:::::::*
	cpe:2.3:o:apple:mac_os_x:10.5:::::::*
	cpe:2.3:o:microsoft:windows_vista:-:::::::*
	cpe:2.3:o:microsoft:windows_xp:-:sp2::::::

References

Link	Resource
http://docs.info.apple.com/article.html?artnum=306896	Vendor Advisory
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html	Vendor Advisory
http://secunia.com/advisories/27523	Third Party Advisory
http://securityreason.com/securityalert/3352	Third Party Advisory
http://www.kb.cert.org/vuls/id/445083	Third Party Advisory US Government Resource
http://www.osvdb.org/38544	Broken Link
http://www.securityfocus.com/archive/1/483312/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/26338	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1018894	Third Party Advisory VDB Entry
http://www.us-cert.gov/cas/techalerts/TA07-310A.html	Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2007/3723	Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-07-065.html	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/38283	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-11-07T20:00:00

Updated: 2018-10-15T20:57:01

Reserved: 2007-09-05T00:00:00

Link: CVE-2007-4677

JSON object: View

NVD Information

Status : Analyzed

Published: 2007-11-07T23:46:00.000

Modified: 2018-10-26T14:08:04.527

Link: CVE-2007-4677

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-05T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "TA07-310A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html"}, {"name": "26338", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26338"}, {"name": "VU#445083", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/445083"}, {"name": "APPLE-SA-2007-11-05", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"name": "27523", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27523"}, {"name": "38544", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/38544"}, {"name": "quicktime-colortable-atom-bo(38283)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38283"}, {"name": "20071105 ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483312/100/0/threaded"}, {"name": "1018894", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018894"}, {"name": "ADV-2007-3723", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"name": "3352", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3352"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4677", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "TA07-310A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"name": "http://docs.info.apple.com/article.html?artnum=306896", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html"}, {"name": "26338", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26338"}, {"name": "VU#445083", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/445083"}, {"name": "APPLE-SA-2007-11-05", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"name": "27523", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27523"}, {"name": "38544", "refsource": "OSVDB", "url": "http://www.osvdb.org/38544"}, {"name": "quicktime-colortable-atom-bo(38283)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38283"}, {"name": "20071105 ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483312/100/0/threaded"}, {"name": "1018894", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018894"}, {"name": "ADV-2007-3723", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"name": "3352", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3352"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4677", "datePublished": "2007-11-07T20:00:00", "dateReserved": "2007-09-05T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "matchCriteriaId": "04B0096B-6F3A-4193-AD0F-D328A31D087D", "versionEndExcluding": "7.3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Apple QuickTime anterior a 7.3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un tama\u00f1o inv\u00e1lido de tabla de color cuando se analiza el \u00e1tomo de tabla de color (color table atom o CTAB) en un archivo de pel\u00edcula, relacionado con los valores CTAB RGB."}], "id": "CVE-2007-4677", "lastModified": "2018-10-26T14:08:04.527", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-11-07T23:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27523"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://securityreason.com/securityalert/3352"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/445083"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.osvdb.org/38544"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/483312/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/26338"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1018894"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38283"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}