Unrated severityNVD Advisory· Published Nov 29, 2007· Updated Jun 16, 2026
CVE-2007-6166
CVE-2007-6166
Description
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*+ 25 more
- cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*range: <=7.3
- cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:6.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.2:*:*:*:*:*:*:*
- (no CPE)range: <7.3.1
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
16- secunia.com/advisories/27755nvdVendor Advisory
- secunia.com/advisories/29182nvdVendor Advisory
- www.vupen.com/english/advisories/2007/3984nvdVendor Advisory
- www.kb.cert.org/vuls/id/659761nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA07-334A.htmlnvdUS Government Resource
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/Security-announce/2007/Dec/msg00000.htmlnvd
- security.gentoo.org/glsa/glsa-200803-08.xmlnvd
- securityreason.com/securityalert/3410nvd
- www.beskerming.com/security/2007/11/25/74/QuickTime_-_Remote_hacker_automatic_controlnvd
- www.securityfocus.com/bid/26549nvd
- www.securityfocus.com/bid/26560nvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/38604nvd
- www.exploit-db.com/exploits/4648nvd
- www.exploit-db.com/exploits/6013nvd
News mentions
0No linked articles in our index yet.