漏洞信息详情
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple QuickTime for Windows qtnext字段自变量注入漏洞
- CNNVD编号:CNNVD-200710-059
- 危害等级: 中危
- CVE编号: CVE-2007-4673
- 漏洞类型: 操作系统命令注入
- 发布时间: 2007-10-04
- 威胁类型: 远程
- 更新时间: 2007-10-11
- 厂 商: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
- 漏洞来源: The vendor disclos...
漏洞简介
Windows XP SP2和Vista中的CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple QuickTime 7.2存在自变量注入漏洞,远程攻击者可以借助一个特制的QTL文件中的qtnext字段的一个URL执行任意指令。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Quicktime 7.2
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Security Update for QuickTime 7.2 for Windows
http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/securityupdateforquicktime72for
windows.HTML
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple QuickTime Player 7.2
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Security Update for QuickTime 7.2 for Windows
http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/securityupdateforquicktime72for
windows.HTML
参考网址
来源: BID
名称: 25913
链接:http://www.securityfocus.com/bid/25913
来源: OSVDB
名称: 40434
链接:http://osvdb.org/40434
来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2007-10-03
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/Security-announce/2007/Oct/msg00000.HTML
来源: docs.info.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com
链接:http://docs.info.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/article.HTML?artnum=306560
来源: XF
名称: quicktime-qtl-code-execution(36937)
链接:http://xforce.iss.net/xforce/xfdb/36937
受影响实体
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Quicktime:7.2:Windows_vista
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Quicktime:7.2:Windows_sp_2
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论