CVE-2007-6166
Description
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Risk Information
Base Score: 8.8 (MODERATE)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 84.044
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update QuickTime 7.3.1 to latest version | Windows |
| Multiple vulnerabilities affect QuickTime 4.1.2 | Windows |
| Multiple vulnerabilities affect Apple Safari 2.3 | Windows |
| CVE-2007-6166 affects Apple Safari for Mac 2.3 | Mac |
Patch Details
Patches provided by ManageEngine for this CVE:
| Patch ID | Patch Description |
|---|---|
| PATCH-612606 | Apple Safari for MAC (MacOS Sequoia) (26.1) |