CVE-2007-6238

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166.

Vulnerabilidad no especificada en Apple QuickTime 7.2 sobre Windows XP permite a atacantes remotos ejecutar código de su elección a través de un vector de ataque desconocido, probablemente una vulnerabilidad diferente que CVE-2007-6166. NOTA: esta información está basada en un aviso poco completo a través de una organización que vende vulnerabilidades que no se coordina con vendedores o lleva a cabo avisos con información pertinente. Un CVE se ha asignado para facilitar su seguimiento, pero los duplicados con otros CVE son difíciles de determinar. Sin embargo, la organización ha declarado que esto es diferente de CVE - 2007 - 6166.

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-12-04 CVE Reserved
2007-12-04 CVE Published
2024-08-07 CVE Updated
2024-08-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
http://wabisabilabi.blogspot.com/2007/11/quicktime-zeroday-vulnerability-still.html	X_refsource_misc
http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000185	X_refsource_misc
http://www.securityfocus.com/bid/26682	Vdb Entry
http://www.securitytracker.com/id?1019039	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/38852	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Apple Search vendor "Apple"		Quicktime Search vendor "Apple" for product "Quicktime"				7.2 Search vendor "Apple" for product "Quicktime" and version "7.2"		windows_xp		Affected