CVE-2007-0711 : Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows oper

Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.

Published 2007-03-05 22:19:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Products affected by CVE-2007-0711

Apple » Quicktime » Windows Edition
Versions up to, including, (<=) 7.1.4
cpe:2.3:a:apple:quicktime:*:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 3.0
cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.0.2 Windows Edition
cpe:2.3:a:apple:quicktime:7.0.2:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.0.1 Windows Edition
cpe:2.3:a:apple:quicktime:7.0.1:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.2.0 Windows Edition
cpe:2.3:a:apple:quicktime:6.2.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.1.1 Windows Edition
cpe:2.3:a:apple:quicktime:6.1.1:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 5.0.1 Windows Edition
cpe:2.3:a:apple:quicktime:5.0.1:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 4.1.2 Windows Edition
cpe:2.3:a:apple:quicktime:4.1.2:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.1.3 Windows Edition
cpe:2.3:a:apple:quicktime:7.1.3:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.1.2 Windows Edition
cpe:2.3:a:apple:quicktime:7.1.2:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.0.0 Windows Edition
cpe:2.3:a:apple:quicktime:7.0.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.5.2 Windows Edition
cpe:2.3:a:apple:quicktime:6.5.2:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.1.0 Windows Edition
cpe:2.3:a:apple:quicktime:6.1.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.0 Windows Edition
cpe:2.3:a:apple:quicktime:6.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.0 Windows Edition
cpe:2.3:a:apple:quicktime:7.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.0.4 Windows Edition
cpe:2.3:a:apple:quicktime:7.0.4:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.0.3 Windows Edition
cpe:2.3:a:apple:quicktime:7.0.3:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.4.0 Windows Edition
cpe:2.3:a:apple:quicktime:6.4.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.3.0 Windows Edition
cpe:2.3:a:apple:quicktime:6.3.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.0.0 Windows Edition
cpe:2.3:a:apple:quicktime:6.0.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 5.0.2 Windows Edition
cpe:2.3:a:apple:quicktime:5.0.2:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.1.1 Windows Edition
cpe:2.3:a:apple:quicktime:7.1.1:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 7.1.0 Windows Edition
cpe:2.3:a:apple:quicktime:7.1.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.5.1 Windows Edition
cpe:2.3:a:apple:quicktime:6.5.1:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.5.0 Windows Edition
cpe:2.3:a:apple:quicktime:6.5.0:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.0.2 Windows Edition
cpe:2.3:a:apple:quicktime:6.0.2:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Apple » Quicktime » Version: 6.0.1 Windows Edition
cpe:2.3:a:apple:quicktime:6.0.1:-:windows:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows

Exploit prediction scoring system (EPSS) score for CVE-2007-0711

EPSS FAQ

23.91%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 96 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-0711

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2007-0711

CWE-189

Assigned by: nvd@nist.gov (Primary)

References for CVE-2007-0711

http://www.securityfocus.com/bid/22827

CVEs referencing this url
http://www.vupen.com/english/advisories/2007/0825

CVEs referencing this url
http://www.securitytracker.com/id?1017725

CVEs referencing this url
http://www.kb.cert.org/vuls/id/568689

US Government Resource
http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html

Vendor Advisory

CVEs referencing this url
http://www.us-cert.gov/cas/techalerts/TA07-065A.html

Patch;US Government Resource

CVEs referencing this url
http://docs.info.apple.com/article.html?artnum=305149

Patch;Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/24359

Vendor Advisory

CVEs referencing this url
http://osvdb.org/33905
https://exchange.xforce.ibmcloud.com/vulnerabilities/32814

Jump to

Vulnerability Details : CVE-2007-0711

Products affected by CVE-2007-0711

Exploit prediction scoring system (EPSS) score for CVE-2007-0711

CVSS scores for CVE-2007-0711

CWE ids for CVE-2007-0711

References for CVE-2007-0711