NVD

Id
57133  
Name
CVE-2007-5045  
Description
Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the Firefox "-chrome" argument. NOTE: this is a related issue to CVE-2006-4965 and the result of an incomplete fix for CVE-2007-3670.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-09-23  
Modified Date
2011-03-07  
Seq
2007-5045  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
291725 57133 CVE-2007-5045 SSRT061181  View
291726 57133 CVE-2007-5045 oval:org.mitre.oval:def:5896  View
291727 57133 CVE-2007-5045 201516  View
291728 57133 CVE-2007-5045 http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox  View
291729 57133 CVE-2007-5045 http://www.mozilla.org/security/announce/2007/mfsa2007-28.html  View
291730 57133 CVE-2007-5045 SUSE-SA:2007:057  View
291731 57133 CVE-2007-5045 20070912 0DAY: QuickTime pwns Firefox  View
291732 57133 CVE-2007-5045 ADV-2007-3197  View
291733 57133 CVE-2007-5045 https://bugzilla.mozilla.org/show_bug.cgi?id=395942  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53983 JVNDB-2007-002675 Apple QuickTime における任意のコマンドを実行される脆弱性 Apple QuickTime には、Mozilla Firefox がインストールされたシステム上で稼動している際、任意のコマンドを実行される脆弱性が存在します。 CVE-2007-5045 28400 CVE-2007-5045 57133 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002675.html 2007-09-23 2012-06-26 View