{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-05T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html"}, {"name": "TA07-310A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"name": "quicktime-packbitsrgn-bo(38280)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38280"}, {"name": "3351", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3351"}, {"name": "38546", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/38546"}, {"name": "APPLE-SA-2007-11-05", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"name": "27523", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27523"}, {"name": "VU#690515", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/690515"}, {"name": "20071105 ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483311/100/0/threaded"}, {"name": "20071105 ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483313/100/0/threaded"}, {"name": "1018894", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018894"}, {"name": "ADV-2007-3723", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"name": "quicktime-poly-type-bo(38281)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38281"}, {"name": "26345", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26345"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4676", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html"}, {"name": "TA07-310A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"name": "http://docs.info.apple.com/article.html?artnum=306896", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"name": "quicktime-packbitsrgn-bo(38280)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38280"}, {"name": "3351", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3351"}, {"name": "38546", "refsource": "OSVDB", "url": "http://osvdb.org/38546"}, {"name": "APPLE-SA-2007-11-05", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"name": "27523", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27523"}, {"name": "VU#690515", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/690515"}, {"name": "20071105 ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483311/100/0/threaded"}, {"name": "20071105 ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483313/100/0/threaded"}, {"name": "1018894", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018894"}, {"name": "ADV-2007-3723", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"name": "quicktime-poly-type-bo(38281)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38281"}, {"name": "26345", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26345"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:01:10.101Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html"}, {"name": "TA07-310A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"name": "quicktime-packbitsrgn-bo(38280)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38280"}, {"name": "3351", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3351"}, {"name": "38546", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/38546"}, {"name": "APPLE-SA-2007-11-05", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"name": "27523", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27523"}, {"name": "VU#690515", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/690515"}, {"name": "20071105 ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483311/100/0/threaded"}, {"name": "20071105 ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483313/100/0/threaded"}, {"name": "1018894", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018894"}, {"name": "ADV-2007-3723", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"name": "quicktime-poly-type-bo(38281)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38281"}, {"name": "26345", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26345"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4676", "datePublished": "2007-11-07T20:00:00", "dateReserved": "2007-09-05T00:00:00", "dateUpdated": "2024-08-07T15:01:10.101Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*", "matchCriteriaId": "04B0096B-6F3A-4193-AD0F-D328A31D087D", "versionEndExcluding": "7.3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "8D089858-3AF9-4B82-912D-AA33F25E3715", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D2442D35-7484-43D8-9077-3FDF63104816", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Apple QuickTime anterior a 7.3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante elementos mal formados cuando se analizan los c\u00f3digos de operaci\u00f3n (opcodes) (1)Poly type (0x0070 hasta 0x0074) y (2) PackBitsRgn field (0x0099)en una imagen PICT."}], "id": "CVE-2007-4676", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-11-07T23:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://osvdb.org/38546"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27523"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://securityreason.com/securityalert/3351"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/690515"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/483311/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/483313/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/26345"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1018894"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38280"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38281"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://docs.info.apple.com/article.html?artnum=306896"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/38546"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27523"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://securityreason.com/securityalert/3351"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/690515"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/483311/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/483313/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/26345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1018894"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3723"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38280"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38281"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}