CVE-2007-3752
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-3752
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apple iTunes畸形音乐文件处理堆溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apple iTunes是一款媒体播放程序。 iTunes在处理音乐专辑封面时存在堆溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 如果用户受骗打开了恶意的音乐文件就可以触发这个溢出,导致播放器意外终止或执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-3752
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-3752
Please Login to view more intelligence information
- http://docs.info.apple.com/article.html?artnum=306404x_refsource_CONFIRM
- https://www.isecpartners.com/advisories/2007-005-itunes.txtx_refsource_MISC
- http://lists.apple.com/archives/security-announce/2007/Sep/msg00000.htmlvendor-advisoryx_refsource_APPLE
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17303vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2007-3752
Same Patch Batch · n/a · 2007-09-06 · 21 CVEs total
| CVE-2007-4733 | Aztech DSL 权限许可和访问控制漏洞 | |
| CVE-2007-4742 | Claroline 输入验证漏洞 | |
| CVE-2007-4741 | Claroline 跨站脚本攻击漏洞 | |
| CVE-2007-4740 | Telecom Italy Alice Messenger 权限许可和访问控制漏洞 | |
| CVE-2007-4739 | reprepro更新代码库签名验证绕过安全限制漏洞 | |
| CVE-2007-4738 | SpeedTech STPHPLib STPHPLIB_DIR Parameter 多个远程文件包含漏洞 | |
| CVE-2007-4737 | SpeedTech STPHPLibrary 代码注入漏洞 | |
| CVE-2007-4736 | CartKeeper CKGold Shopping Cart SQL注入漏洞 | |
| CVE-2007-4735 | Virtual DJ M3U文件本地栈溢出漏洞 | |
| CVE-2007-4734 | OtsTurntables M3U文件本地栈溢出漏洞 | |
| CVE-2007-3913 | Gforge 未明SQL注入漏洞 | |
| CVE-2007-4732 | Sun Solaris 输入验证漏洞 | |
| CVE-2004-2685 | @Youngzsoft Youngzsoft CCProxy 缓冲区溢出漏洞 | |
| CVE-2007-4748 | PPStream PowerPlayer.DLL ActiveX控件缓冲区溢出漏洞 | |
| CVE-2007-4747 | Cisco Video Surveillance IP Gateway telnet服务远程认证漏洞 | |
| CVE-2007-4746 | Cisco Video Surveillance IP Gateway 权限提升认证漏洞 | |
| CVE-2007-4745 | Mambo Site Server 跨站脚本攻击漏洞 | |
| CVE-2007-4744 | anyInventory environment.php 远程文件包含漏洞 | |
| CVE-2007-4743 | MIT Kerberos 5 KAdminD服务程序SVCAuth_GSS_Validate远程栈溢出漏洞 | |
| CVE-2007-4472 | Broderbund 3DGreetings Player ActiveX控件多个缓冲区溢出漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2007-3752
No comments yet