Lucene search

[email protected]CVE-2007-2402

HistoryJul 15, 2007 - 9:30 p.m.

CVE-2007-2402

2007-07-1521:30:00

CWE-200

[email protected]

web.nvd.nist.gov

apple

quicktime

java

access control

vulnerability

nvd

cve-2007-2402

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

5.5 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.2%

JSON

QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient “access control,” which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.

Affected configurations

NVD

Node

applequicktimeMatch-

applequicktimeMatch7.0

applequicktimeMatch7.0.1

applequicktimeMatch7.0.2

applequicktimeMatch7.0.3

applequicktimeMatch7.0.4

applequicktimeMatch7.1

applequicktimeMatch7.1.1

applequicktimeMatch7.1.2

applequicktimeMatch7.1.3

applequicktimeMatch7.1.4

applequicktimeMatch7.1.5

CPENameOperatorVersion
apple:quicktimeapple quicktimeeq-
apple:quicktimeapple quicktimeeq7.0
apple:quicktimeapple quicktimeeq7.0.1
apple:quicktimeapple quicktimeeq7.0.2
apple:quicktimeapple quicktimeeq7.0.3
apple:quicktimeapple quicktimeeq7.0.4
apple:quicktimeapple quicktimeeq7.1
apple:quicktimeapple quicktimeeq7.1.1
apple:quicktimeapple quicktimeeq7.1.2
apple:quicktimeapple quicktimeeq7.1.3

CPE	Name	Operator	Version
apple:quicktime	apple quicktime	eq	-
apple:quicktime	apple quicktime	eq	7.0
apple:quicktime	apple quicktime	eq	7.0.1
apple:quicktime	apple quicktime	eq	7.0.2
apple:quicktime	apple quicktime	eq	7.0.3
apple:quicktime	apple quicktime	eq	7.0.4
apple:quicktime	apple quicktime	eq	7.1
apple:quicktime	apple quicktime	eq	7.1.1
apple:quicktime	apple quicktime	eq	7.1.2
apple:quicktime	apple quicktime	eq	7.1.3

Rows per page:

1-10 of 121

References

docs.info.apple.com/article.html?artnum=305947

lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html

osvdb.org/36131

secunia.com/advisories/26034

www.securityfocus.com/bid/24873

www.securitytracker.com/id?1018373

www.us-cert.gov/cas/techalerts/TA07-193A.html

www.vupen.com/english/advisories/2007/2510

exchange.xforce.ibmcloud.com/vulnerabilities/35361

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

5.5 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.2%

JSON

Related for CVE-2007-2402

prion1 cvelist1 nvd1 nessus2 seebug1