CVE-2006-4965

Published: Sep 25, 2006Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.

Affected (1)

Products: Apple: Quicktime

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Quicktime	Version 7.1.3

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (30)

http://docs.info.apple.com/article.html?artnum=305149

Source: cve@mitre.org

http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html

Source: cve@mitre.org

http://secunia.com/advisories/22048

Source: cve@mitre.org

ExploitVendor Advisory

http://secunia.com/advisories/27414

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1631

Source: cve@mitre.org

http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox

Source: cve@mitre.org

http://www.gnucitizen.org/blog/backdooring-mp3-files/

Source: cve@mitre.org

Exploit

http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/751808

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/archive/1/446750/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/453756/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/479179/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20138

Source: cve@mitre.org

Exploit

http://www.securitytracker.com/id?1018687

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/3155

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=305149

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22048

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://secunia.com/advisories/27414

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/1631

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gnucitizen.org/blog/backdooring-mp3-files/

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.gnucitizen.org/blog/myspace-quicktime-worm-follow-up

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/751808

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/archive/1/446750/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/453756/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/479179/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/20138

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securitytracker.com/id?1018687

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/3155

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.