Details of VAR-200703-0016

ID

VAR-200703-0016

CVE

CVE-2007-0715

TITLE

Apple QuickTime 3GP integer overflow

Trust: 0.8

sources: CERT/CC: VU#568689

DESCRIPTION

Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file. The Apple QuickTime player contains a heap buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code or create a denial-of-service condition. Apple QuickTime is prone to multiple unspecified remote code-execution vulnerabilities including mulitple heap and stack-based buffer-overflow and integer-overflow issues. These issues arise when the application handles specially crafted 3GP, MIDI, MOV, PICT, and QTIF files. Successful attacks can result in the compromise of the applicaiton or can cause denial-of-service conditions. Few details regarding these issues are currently available. Separate BIDs for each issue will be created as new information becomes available. QuickTime versions prior to 7.1.5 are vulnerable. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. There are multiple buffer overflow vulnerabilities in QuickTime's processing of various media formats. (CVE-2007-0715). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-065A Apple Releases Security Updates for QuickTime Original release date: March 06, 2007 Last revised: -- Source: US-CERT Systems Affected Apple QuickTime on systems running * Apple Mac OS X * Microsoft Windows Overview Apple QuickTime contains multiple vulnerabilities. I. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted image or media file with a vulnerable version of QuickTime. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page. Note that QuickTime ships with Apple iTunes. For more information, please refer to the Vulnerability Notes Database. II. For further information, please see the Vulnerability Notes Database. III. Solution Upgrade QuickTime Upgrade to QuickTime 7.1.5. This and other updates for Mac OS X are available via Apple Update. On Microsoft Windows the QuickTime built-in auto-update mechanism may not detect this release. Instead, Windows users should check for updates using Apple Software Update or install the update manually. Disable QuickTime in your web browser An attacker may be able to exploit this vulnerability by persuading a user to access a specially crafted file with a web browser. Disabling QuickTime in your web browser will defend against this attack vector. For more information, refer to the Securing Your Web Browser document. References * Vulnerability Notes for QuickTime 7.1.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=QuickTime_715> * About the security content of the QuickTime 7.1.5 Update - <http://docs.info.apple.com/article.html?artnum=305149> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple QuickTime 7.1.5 for Windows - <http://www.apple.com/support/downloads/quicktime715forwindows.html> * Apple QuickTime 7.1.5 for Mac - <http://www.apple.com/support/downloads/quicktime715formac.html> * Standalone Apple QuickTime Player - <http://www.apple.com/quicktime/download/standalone.html> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA07-065A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-065A Feedback VU#568689" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2007 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History March 06, 2007: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRe26JOxOF3G+ig+rAQIL/AgArfKGgONZLe46VrCe71/m/47EcYHx/m4u K7rK5zeV11CItic4BMTyhC/s9OMEJdkRpVLhi9TJtLv0OYQoqT8WCqkcWpn6rf+p mRbMMIc0m2/IqQWBz3oHU1rlAem8Xk0wbARe+y3Pb1Xz5TumoyVSjbkKkyQJVYLz 35SS6byTmpspL/GIui8lt37b66aiXOGr91FCMQ4eCJXucJKlDNndjdL5isVKjXoA 74aavroywUVzoBzjxXCRSquxcFHW0B6t1TIMuMJhyVbmcV4i/0Cq3EfEg8iKVZdO ZAXHIj3P4cPmdsYRbgl0IqqyZYt51gMdpmUNGORCShuMajqwwbNjvg== =5/kY -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_vacancies/ Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA24359 VERIFY ADVISORY: http://secunia.com/advisories/24359/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system. 1) An integer overflow error exists in the handling of 3GP video files. 2) A boundary error in the handling of MIDI files can be exploited to cause a heap-based buffer overflow. 4) An integer overflow exists in the handling of UDTA atoms in movie files. 6) A boundary error in the handling of QTIF files can be exploited to cause a stack-based buffer overflow. 7) An integer overflow exists in the handling of QTIF files. 8) An input validation error exists in the processing of QTIF files. This can be exploited to cause a heap corruption via a specially crafted QTIF file with the "Color Table ID" field set to "0". SOLUTION: Update to version 7.1.5. Mac OS X: http://www.apple.com/quicktime/download/mac.html Windows: http://www.apple.com/quicktime/download/win.html PROVIDED AND/OR DISCOVERED BY: 1) JJ Reyes 2,5,6,7) Mike Price, McAfee AVERT Labs 3) Mike Price, McAfee AVERT Labs, Piotr Bania, and Artur Ogloza 4) Sowhat of Nevis Labs and an anonymous researcher via ZDI. 8) Ruben Santamarta via iDefense and JJ Reyes ORIGINAL ADVISORY: Apple: http://docs.info.apple.com/article.html?artnum=305149 Piotr Bania: http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=486 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 7.92

sources: NVD: CVE-2007-0715 // CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // JVNDB: JVNDB-2007-000195 // BID: 22827 // VULHUB: VHN-24077 // PACKETSTORM: 54941 // PACKETSTORM: 54850

AFFECTED PRODUCTS

vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 6.4
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.1	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.4	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.2	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.4	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.1	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.2	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0.3	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.1.3	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	eq	version:	7.0	Trust: 1.6
vendor:	apple	model:	quicktime	scope:	lte	version:	7.1.4	Trust: 0.8
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.4	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.3	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.3	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.0	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.5	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	7.1	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	quicktime player	scope:	ne	version:	7.1.5	Trust: 0.3

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // BID: 22827 // JVNDB: JVNDB-2007-000195 // CNNVD: CNNVD-200703-183 // NVD: CVE-2007-0715

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-0715
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#568689
value:	16.20
Trust: 0.8
CARNEGIE MELLON:	VU#880561
value:	6.64
Trust: 0.8
CARNEGIE MELLON:	VU#822481
value:	9.00
Trust: 0.8
CARNEGIE MELLON:	VU#861817
value:	17.36
Trust: 0.8
CARNEGIE MELLON:	VU#448745
value:	4.81
Trust: 0.8
CARNEGIE MELLON:	VU#313225
value:	17.72
Trust: 0.8
CARNEGIE MELLON:	VU#410993
value:	16.20
Trust: 0.8
CARNEGIE MELLON:	VU#642433
value:	16.20
Trust: 0.8
NVD:	CVE-2007-0715
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200703-183
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-24077
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-0715
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-24077
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // VULHUB: VHN-24077 // JVNDB: JVNDB-2007-000195 // CNNVD: CNNVD-200703-183 // NVD: CVE-2007-0715

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-0715

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 54941 // CNNVD: CNNVD-200703-183

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200703-183

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-000195

PATCH

title:	QuickTime 7.1.5 for Mac	url:	http://www.apple.com/support/downloads/quicktime715formac.html	Trust: 0.8
title:	QuickTime 7.1.5 for Windows	url:	http://www.apple.com/support/downloads/quicktime715forwindows.html	Trust: 0.8
title:	QuickTime 7.1.5	url:	http://docs.info.apple.com/article.html?artnum=305149	Trust: 0.8
title:	QuickTime 7.1.5	url:	http://docs.info.apple.com/article.html?artnum=305149-ja	Trust: 0.8
title:	アップル - QuickTime	url:	http://www.apple.com/jp/quicktime/download/win.html	Trust: 0.8
title:	QuickTime 7.1.5 for Windows	url:	http://www.apple.com/jp/ftp-info/reference/quicktime715forwindows.html	Trust: 0.8
title:	QuickTime 7.1.5 for Mac	url:	http://www.apple.com/jp/ftp-info/reference/quicktime715formac.html	Trust: 0.8

sources: JVNDB: JVNDB-2007-000195

EXTERNAL IDS

db:	BID	id:	22827	Trust: 9.2
db:	SECUNIA	id:	24359	Trust: 9.0
db:	SECTRACK	id:	1017725	Trust: 8.1
db:	AUSCERT	id:	AL-2007.0031	Trust: 6.4
db:	CERT/CC	id:	VU#448745	Trust: 3.6
db:	USCERT	id:	TA07-065A	Trust: 2.9
db:	NVD	id:	CVE-2007-0715	Trust: 2.8
db:	VUPEN	id:	ADV-2007-0825	Trust: 1.7
db:	OSVDB	id:	33901	Trust: 1.7
db:	XF	id:	32821	Trust: 1.4
db:	CERT/CC	id:	VU#568689	Trust: 1.1
db:	CERT/CC	id:	VU#880561	Trust: 1.1
db:	CERT/CC	id:	VU#822481	Trust: 1.1
db:	CERT/CC	id:	VU#861817	Trust: 1.1
db:	CERT/CC	id:	VU#313225	Trust: 1.1
db:	CERT/CC	id:	VU#410993	Trust: 1.1
db:	CERT/CC	id:	VU#642433	Trust: 1.1
db:	BID	id:	22843	Trust: 0.8
db:	BID	id:	22844	Trust: 0.8
db:	ZDI	id:	ZDI-07-010	Trust: 0.8
db:	USCERT	id:	SA07-065A	Trust: 0.8
db:	JVNDB	id:	JVNDB-2007-000195	Trust: 0.8
db:	CNNVD	id:	CNNVD-200703-183	Trust: 0.7
db:	CERT/CC	id:	TA07-065A	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2007-03-05	Trust: 0.6
db:	VULHUB	id:	VHN-24077	Trust: 0.1
db:	PACKETSTORM	id:	54941	Trust: 0.1
db:	PACKETSTORM	id:	54850	Trust: 0.1

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // VULHUB: VHN-24077 // BID: 22827 // JVNDB: JVNDB-2007-000195 // PACKETSTORM: 54941 // PACKETSTORM: 54850 // CNNVD: CNNVD-200703-183 // NVD: CVE-2007-0715

REFERENCES

url:	http://www.securityfocus.com/bid/22827	Trust: 8.9
url:	http://docs.info.apple.com/article.html?artnum=305149	Trust: 8.2
url:	http://secunia.com/advisories/24359/	Trust: 6.5
url:	http://www.auscert.org.au/7356	Trust: 6.4
url:	http://www.ciac.org/ciac/bulletins/r-171.shtml	Trust: 6.4
url:	http://securitytracker.com/id?1017725	Trust: 5.6
url:	http://www.us-cert.gov/cas/techalerts/ta07-065a.html	Trust: 2.8
url:	http://www.kb.cert.org/vuls/id/448745	Trust: 2.8
url:	http://www.apple.com/quicktime/download/	Trust: 2.7
url:	http://www.securitytracker.com/id?1017725	Trust: 2.5
url:	http://secunia.com/advisories/24359	Trust: 2.5
url:	http://www.us-cert.gov/cas/tips/st04-010.html	Trust: 2.4
url:	http://support.microsoft.com/default.aspx?scid=kb;en-us;q294676	Trust: 2.4
url:	http://www.cert.org/tech_tips/before_you_plug_in.html	Trust: 2.4
url:	http://www.mozilla.org/support/firefox/faq	Trust: 2.4
url:	http://lists.apple.com/archives/security-announce/2007/mar/msg00000.html	Trust: 1.7
url:	http://osvdb.org/33901	Trust: 1.7
url:	http://www.apple.com/itunes/	Trust: 1.6
url:	http://www.frsirt.com/english/advisories/2007/0825	Trust: 1.4
url:	http://xforce.iss.net/xforce/xfdb/32821	Trust: 1.4
url:	http://www.vupen.com/english/advisories/2007/0825	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/32821	Trust: 1.1
url:	http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt	Trust: 0.9
url:	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=486	Trust: 0.9
url:	http://en.wikipedia.org/wiki/.mov	Trust: 0.8
url:	http://www.securityfocus.com/bid/22843	Trust: 0.8
url:	http://en.wikipedia.org/wiki/musical_instrument_digital_interface	Trust: 0.8
url:	http://developer.apple.com/documentation/quicktime/qtff/index.html	Trust: 0.8
url:	http://developer.apple.com/documentation/quicktime/qtff/qtffchap2/chapter_3_section_2.html	Trust: 0.8
url:	http://secway.org/advisory/ad20070306.txt	Trust: 0.8
url:	http://secway.org/advisory/ad20060512.txt	Trust: 0.8
url:	http://www.zerodayinitiative.com/advisories/zdi-07-010.html	Trust: 0.8
url:	http://www.securityfocus.com/bid/22844	Trust: 0.8
url:	http://en.wikipedia.org/wiki/pict	Trust: 0.8
url:	http://www.reversemode.com/index.php?option=com_remository&itemid=2&func=fileinfo&id=46	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0715	Trust: 0.8
url:	http://jvn.jp/cert/jvnta07-065a/index.html	Trust: 0.8
url:	http://jvn.jp/tr/trta07-065a/index.html	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0715	Trust: 0.8
url:	http://www.us-cert.gov/cas/alerts/sa07-065a.html	Trust: 0.8
url:	http://www.cyberpolice.go.jp/important/2007/20070306_153534.html	Trust: 0.8
url:	http://www.apple.com/quicktime/	Trust: 0.3
url:	msg://bugtraq/45ec9719.10206@idefense.com	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/313225	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/410993	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/568689	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/642433	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/822481	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/861817	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/880561	Trust: 0.3
url:	http://docs.info.apple.com/article.html?artnum=304263>	Trust: 0.1
url:	http://www.apple.com/support/downloads/quicktime715formac.html>	Trust: 0.1
url:	http://www.apple.com/quicktime/download/standalone.html>	Trust: 0.1
url:	http://www.us-cert.gov/legal.html>	Trust: 0.1
url:	http://www.us-cert.gov/reading_room/securing_browser/>	Trust: 0.1
url:	http://docs.info.apple.com/article.html?artnum=106704>	Trust: 0.1
url:	http://www.us-cert.gov/cas/techalerts/ta07-065a.html>	Trust: 0.1
url:	http://www.us-cert.gov/cas/signup.html>.	Trust: 0.1
url:	http://www.kb.cert.org/vuls/byid?searchview&query=quicktime_715>	Trust: 0.1
url:	http://www.apple.com/support/downloads/quicktime715forwindows.html>	Trust: 0.1
url:	http://docs.info.apple.com/article.html?artnum=305149>	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/5090/	Trust: 0.1
url:	http://www.apple.com/quicktime/download/win.html	Trust: 0.1
url:	http://secunia.com/disassembling_og_reversing/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/hardcore_disassembler_and_reverse_engineer/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://www.apple.com/quicktime/download/mac.html	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: CERT/CC: VU#568689 // CERT/CC: VU#880561 // CERT/CC: VU#822481 // CERT/CC: VU#861817 // CERT/CC: VU#448745 // CERT/CC: VU#313225 // CERT/CC: VU#410993 // CERT/CC: VU#642433 // VULHUB: VHN-24077 // BID: 22827 // JVNDB: JVNDB-2007-000195 // PACKETSTORM: 54941 // PACKETSTORM: 54850 // CNNVD: CNNVD-200703-183 // NVD: CVE-2007-0715

CREDITS

JJ Reyes Mike Price iotr Bania Artur Ogloza Piotr Bania※ bania.piotr@gmail.com※Sowhat※ smaillist@gmail.com※http://www.zerodayinitiative.com/

Trust: 0.6

sources: CNNVD: CNNVD-200703-183

SOURCES

db:	CERT/CC	id:	VU#568689
db:	CERT/CC	id:	VU#880561
db:	CERT/CC	id:	VU#822481
db:	CERT/CC	id:	VU#861817
db:	CERT/CC	id:	VU#448745
db:	CERT/CC	id:	VU#313225
db:	CERT/CC	id:	VU#410993
db:	CERT/CC	id:	VU#642433
db:	VULHUB	id:	VHN-24077
db:	BID	id:	22827
db:	JVNDB	id:	JVNDB-2007-000195
db:	PACKETSTORM	id:	54941
db:	PACKETSTORM	id:	54850
db:	CNNVD	id:	CNNVD-200703-183
db:	NVD	id:	CVE-2007-0715

LAST UPDATE DATE

2024-11-22T20:28:01.439000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#568689	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#880561	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#822481	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#861817	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#448745	date:	2007-03-09T00:00:00
db:	CERT/CC	id:	VU#313225	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#410993	date:	2007-03-19T00:00:00
db:	CERT/CC	id:	VU#642433	date:	2007-03-19T00:00:00
db:	VULHUB	id:	VHN-24077	date:	2017-07-29T00:00:00
db:	BID	id:	22827	date:	2007-03-06T21:05:00
db:	JVNDB	id:	JVNDB-2007-000195	date:	2007-04-19T00:00:00
db:	CNNVD	id:	CNNVD-200703-183	date:	2007-03-07T00:00:00
db:	NVD	id:	CVE-2007-0715	date:	2017-07-29T01:30:21.843

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#568689	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#880561	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#822481	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#861817	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#448745	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#313225	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#410993	date:	2007-03-06T00:00:00
db:	CERT/CC	id:	VU#642433	date:	2007-03-06T00:00:00
db:	VULHUB	id:	VHN-24077	date:	2007-03-05T00:00:00
db:	BID	id:	22827	date:	2007-03-05T00:00:00
db:	JVNDB	id:	JVNDB-2007-000195	date:	2007-04-19T00:00:00
db:	PACKETSTORM	id:	54941	date:	2007-03-09T00:22:35
db:	PACKETSTORM	id:	54850	date:	2007-03-08T00:54:52
db:	CNNVD	id:	CNNVD-200703-183	date:	2007-03-05T00:00:00
db:	NVD	id:	CVE-2007-0715	date:	2007-03-05T22:19:00