CVE-2007-5045 (retired)

Priority
Description
Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when
running on systems with Mozilla Firefox before 2.0.0.7 installed, allows
remote attackers to execute arbitrary commands via a QuickTime Media Link
(QTL) file with an embed XML element and a qtnext parameter containing the
Firefox "-chrome" argument. NOTE: this is a related issue to CVE-2006-4965
and the result of an incomplete fix for CVE-2007-3670.
Notes
 kees> This is a Windows-only issue.
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:41:37 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)