Unrated severityNVD Advisory· Published Nov 29, 2007· Updated Apr 23, 2026
CVE-2007-6166
CVE-2007-6166
Description
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Affected products
26cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*range: <=7.3
- cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- secunia.com/advisories/27755nvdVendor Advisory
- secunia.com/advisories/29182nvdVendor Advisory
- www.vupen.com/english/advisories/2007/3984nvdVendor Advisory
- www.kb.cert.org/vuls/id/659761nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA07-334A.htmlnvdUS Government Resource
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/Security-announce/2007/Dec/msg00000.htmlnvd
- security.gentoo.org/glsa/glsa-200803-08.xmlnvd
- securityreason.com/securityalert/3410nvd
- www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_controlnvd
- www.securityfocus.com/bid/26549nvd
- www.securityfocus.com/bid/26560nvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/38604nvd
- www.exploit-db.com/exploits/4648nvd
- www.exploit-db.com/exploits/6013nvd
News mentions
0No linked articles in our index yet.