What is CVE-2007-6166?

CVE-2007-6166 is a vulnerability in N/a. Published 2007-11-29.

Is CVE-2007-6166 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-6166

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a…

EPSS: 0.843 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

26549 (vdb-entry, x_refsource_BID)
www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_c… (x_refsource_MISC)
3410 (x_refsource_SREASON, third-party-advisory)
4648 (exploit, x_refsource_EXPLOIT-DB)
docs.info.apple.com/article.html (x_refsource_MISC)
APPLE-SA-2007-12-13 (vendor-advisory, x_refsource_APPLE)
GLSA-200803-08 (vendor-advisory, x_refsource_GENTOO)
26560 (vdb-entry, x_refsource_BID)
TA07-334A (x_refsource_CERT, third-party-advisory)
VU#659761 (x_refsource_CERT-VN, third-party-advisory)

Frequently asked questions

What is CVE-2007-6166?: CVE-2007-6166 is a vulnerability in N/a. Published 2007-11-29.
Is CVE-2007-6166 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.