Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-308
Vulnerability from certfr_avis - Published: 2007-07-12 - Updated: 2007-07-12
Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. L'exploitation de ces dernières peut entraîner un dysfonctionnement de l'application, voire l'exécution de code arbitraire à distance sur le système vulnérable.
Description
Plusieurs vulnérabilités ont été identifiées dans le lecteur multimédia Apple QuickTime. Parmi celles-ci :
- l'application ne manipulerait pas correctement les vidéos au format H.264. Ce problème peut ainsi provoquer une corruption de la mémoire.
- l'application ne manipulerait pas correctement les fichiers au format .m4v. Ce problème peut ainsi provoquer un débordement d'entier.
- l'application ne manipulerait pas correctement les fichiers au format SMIL. Ce problème peut ainsi provoquer un débordement d'entier.
- les vérifications de sécurité (permissions) peuvent être contournées, dans QuickTime pour Java. L'exploitation de cette vulnérabilité, comme les précédentes, peut entraîner, sous certaines conditions, l'exécution de code arbitraire à distance sur le système vulnérable.
Solution
Se référer au bulletin de sécurité d'Apple pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QuickTime 7.2 ainsi que les versions ant\u00e9rieures.",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. Parmi celles-ci :\n\n- l\u0027application ne manipulerait pas correctement les vid\u00e9os au format\n H.264. Ce probl\u00e8me peut ainsi provoquer une corruption de la\n m\u00e9moire.\n- l\u0027application ne manipulerait pas correctement les fichiers au\n format .m4v. Ce probl\u00e8me peut ainsi provoquer un d\u00e9bordement\n d\u0027entier.\n- l\u0027application ne manipulerait pas correctement les fichiers au\n format SMIL. Ce probl\u00e8me peut ainsi provoquer un d\u00e9bordement\n d\u0027entier.\n- les v\u00e9rifications de s\u00e9curit\u00e9 (permissions) peuvent \u00eatre\n contourn\u00e9es, dans QuickTime pour Java. L\u0027exploitation de cette\n vuln\u00e9rabilit\u00e9, comme les pr\u00e9c\u00e9dentes, peut entra\u00eener, sous certaines\n conditions, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance sur le syst\u00e8me\n vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 d\u0027Apple pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2402"
},
{
"name": "CVE-2007-2394",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2394"
},
{
"name": "CVE-2007-2392",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2392"
},
{
"name": "CVE-2007-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2397"
},
{
"name": "CVE-2007-2393",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2393"
},
{
"name": "CVE-2007-2396",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2396"
},
{
"name": "CVE-2007-2295",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2295"
},
{
"name": "CVE-2007-2296",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2296"
}
],
"initial_release_date": "2007-07-12T00:00:00",
"last_revision_date": "2007-07-12T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 iDefense du 11 juillet 2007 :",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple du 11 juillet 2007 :",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
}
],
"reference": "CERTA-2007-AVI-308",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le lecteur multim\u00e9dia\nApple QuickTime. L\u0027exploitation de ces derni\u00e8res peut entra\u00eener un\ndysfonctionnement de l\u0027application, voire l\u0027ex\u00e9cution de code arbitraire\n\u00e0 distance sur le syst\u00e8me vuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple QuickTime",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 Apple 305947 du 11 juillet 2007",
"url": null
}
]
}
CVE-2007-2397 (GCVE-0-2007-2397)
Vulnerability from cvelistv5 – Published: 2007-07-15 21:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.726Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "36132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36132"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "quicktime-applet-code-execution(35358)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35358"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "36132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36132"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "quicktime-applet-code-execution(35358)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35358"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "36132",
"refsource": "OSVDB",
"url": "http://osvdb.org/36132"
},
{
"name": "24873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "quicktime-applet-code-execution(35358)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35358"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2397",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2396 (GCVE-0-2007-2396)
Vulnerability from cvelistv5 – Published: 2007-07-15 21:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.770Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "36133",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36133"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-jdirect-code-execution(35360)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35360"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "36133",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36133"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-jdirect-code-execution(35360)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35360"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "36133",
"refsource": "OSVDB",
"url": "http://osvdb.org/36133"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-jdirect-code-execution(35360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35360"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2396",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2402 (GCVE-0-2007-2402)
Vulnerability from cvelistv5 – Published: 2007-07-15 21:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "36131",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36131"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "quicktime-java-information-disclosure(35361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35361"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient \"access control,\" which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "36131",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36131"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "quicktime-java-information-disclosure(35361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35361"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient \"access control,\" which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "36131",
"refsource": "OSVDB",
"url": "http://osvdb.org/36131"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "quicktime-java-information-disclosure(35361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35361"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2402",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2296 (GCVE-0-2007-2296)
Vulnerability from cvelistv5 – Published: 2007-04-26 20:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "quicktime-flipfiletypeatombton-overflow(34069)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34069"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "35578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/35578"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "23652",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23652"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security-protocols.com/sp-x46-advisory.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "1017967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017967"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "quicktime-flipfiletypeatombton-overflow(34069)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34069"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "35578",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/35578"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "23652",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23652"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security-protocols.com/sp-x46-advisory.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "1017967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017967"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "quicktime-flipfiletypeatombton-overflow(34069)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34069"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "35578",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35578"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "23652",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23652"
},
{
"name": "http://security-protocols.com/sp-x46-advisory.php",
"refsource": "MISC",
"url": "http://security-protocols.com/sp-x46-advisory.php"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "1017967",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017967"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2296",
"datePublished": "2007-04-26T20:00:00",
"dateReserved": "2007-04-26T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2295 (GCVE-0-2007-2295)
Vulnerability from cvelistv5 – Published: 2007-04-26 20:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security-protocols.com/sp-x45-advisory.php"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "35577",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/35577"
},
{
"name": "quicktime-jvtcompencodeframe-bo(34070)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34070"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "1017965",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017965"
},
{
"name": "23650",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23650"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-h264-code-execution(35356)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35356"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security-protocols.com/sp-x45-advisory.php"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "35577",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/35577"
},
{
"name": "quicktime-jvtcompencodeframe-bo(34070)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34070"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "1017965",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017965"
},
{
"name": "23650",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23650"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-h264-code-execution(35356)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35356"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "http://security-protocols.com/sp-x45-advisory.php",
"refsource": "MISC",
"url": "http://security-protocols.com/sp-x45-advisory.php"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "35577",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35577"
},
{
"name": "quicktime-jvtcompencodeframe-bo(34070)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34070"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "1017965",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017965"
},
{
"name": "23650",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23650"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-h264-code-execution(35356)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35356"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2295",
"datePublished": "2007-04-26T20:00:00",
"dateReserved": "2007-04-26T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2392 (GCVE-0-2007-2392)
Vulnerability from cvelistv5 – Published: 2007-07-15 21:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "VU#582681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/582681"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "quicktime-moviefile-code-execution(35353)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35353"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "36136",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36136"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "VU#582681",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/582681"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "quicktime-moviefile-code-execution(35353)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35353"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "36136",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36136"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "VU#582681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582681"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "quicktime-moviefile-code-execution(35353)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35353"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "36136",
"refsource": "OSVDB",
"url": "http://osvdb.org/36136"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2392",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2393 (GCVE-0-2007-2393)
Vulnerability from cvelistv5 – Published: 2007-07-15 21:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-java-applet-code-execution(35359)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35359"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "36135",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-java-applet-code-execution(35359)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35359"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "36135",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "quicktime-java-applet-code-execution(35359)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35359"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "36135",
"refsource": "OSVDB",
"url": "http://osvdb.org/36135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2393",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2394 (GCVE-0-2007-2394)
Vulnerability from cvelistv5 – Published: 2007-07-15 21:00 – Updated: 2024-08-07 13:33
VLAI?
EPSS
Summary
Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "quicktime-smil-overflow(35357)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35357"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "20070717 Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/473882/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "36134",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36134"
},
{
"name": "20070711 Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26034",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26034"
},
{
"name": "quicktime-smil-overflow(35357)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35357"
},
{
"name": "1018373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "20070717 Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/473882/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "36134",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36134"
},
{
"name": "20070711 Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26034"
},
{
"name": "quicktime-smil-overflow(35357)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35357"
},
{
"name": "1018373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018373"
},
{
"name": "TA07-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html"
},
{
"name": "ADV-2007-2510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2510"
},
{
"name": "24873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24873"
},
{
"name": "20070717 Re: iDefense Security Advisory 07.11.07: Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473882/100/100/threaded"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305947",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305947"
},
{
"name": "APPLE-SA-2007-07-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html"
},
{
"name": "36134",
"refsource": "OSVDB",
"url": "http://osvdb.org/36134"
},
{
"name": "20070711 Apple QuickTime SMIL File Processing Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2394",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…