Lucene search

[email protected]CVE-2007-2393

HistoryJul 15, 2007 - 9:30 p.m.

CVE-2007-2393

2007-07-1521:30:00

[email protected]

web.nvd.nist.gov

cve-2007-2393

quicktime

java

apple

security controls

arbitrary code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.03 Low

EPSS

Percentile

91.0%

JSON

The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.

Affected configurations

NVD

Node

applequicktimeMatch-

applequicktimeMatch7.0

applequicktimeMatch7.0.1

applequicktimeMatch7.0.2

applequicktimeMatch7.0.3

applequicktimeMatch7.0.4

applequicktimeMatch7.1

applequicktimeMatch7.1.1

applequicktimeMatch7.1.2

applequicktimeMatch7.1.3

applequicktimeMatch7.1.4

applequicktimeMatch7.1.5

CPENameOperatorVersion
apple:quicktimeapple quicktimeeq-
apple:quicktimeapple quicktimeeq7.0
apple:quicktimeapple quicktimeeq7.0.1
apple:quicktimeapple quicktimeeq7.0.2
apple:quicktimeapple quicktimeeq7.0.3
apple:quicktimeapple quicktimeeq7.0.4
apple:quicktimeapple quicktimeeq7.1
apple:quicktimeapple quicktimeeq7.1.1
apple:quicktimeapple quicktimeeq7.1.2
apple:quicktimeapple quicktimeeq7.1.3

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	eq	-
apple:quicktime	apple quicktime	eq	7.0
apple:quicktime	apple quicktime	eq	7.0.1
apple:quicktime	apple quicktime	eq	7.0.2
apple:quicktime	apple quicktime	eq	7.0.3
apple:quicktime	apple quicktime	eq	7.0.4
apple:quicktime	apple quicktime	eq	7.1
apple:quicktime	apple quicktime	eq	7.1.1
apple:quicktime	apple quicktime	eq	7.1.2
apple:quicktime	apple quicktime	eq	7.1.3

Rows per page:

1-10 of 121

References

docs.info.apple.com/article.html?artnum=305947

lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html

osvdb.org/36135

secunia.com/advisories/26034

www.securityfocus.com/bid/24873

www.securitytracker.com/id?1018373

www.us-cert.gov/cas/techalerts/TA07-193A.html

www.vupen.com/english/advisories/2007/2510

exchange.xforce.ibmcloud.com/vulnerabilities/35359

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.03 Low

EPSS

Percentile

91.0%

JSON

Related for CVE-2007-2393

prion1 nvd1 cvelist1 nessus2 seebug1