CVE-2008-1585

Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file: URLs.
Configurations

Configuration 1

cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*

Information

Published : 2008-06-10 06:32

Updated : 2018-10-11 08:35


NVD link : CVE-2008-1585

Mitre link : CVE-2008-1585

Products Affected
No products.
CWE