CVE-2007-5045 in QuickTime信息

摘要

由 VulDB • 2026-07-01

Apple QuickTime 7.1.5及更早版本中存在参数注入漏洞,当在安装了Mozilla Firefox(低于2.0.0.7)的系统上运行时,远程攻击者可通过包含嵌入XML元素且qtnext参数含有Firefox“-chrome”参数的QuickTime Media Link (QTL)文件执行任意命令。注意:此问题与CVE-2006-4965相关,是CVE-2007-3670修复不彻底的结果。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Interested in the pricing of exploits?

See the underground prices here!