Lucene search
HistoryAug 03, 2007 - 10:17 a.m.
CVE-2007-3747
cve-2007-3747
apple
mac os x
coreaudio
java
remote code execution
security vulnerability
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instantiation and manipulation to valid heap addresses, which allows remote attackers to execute arbitrary code via a crafted applet.
Affected configurations
Node
applemac_os_xMatch10.3
ORapplemac_os_xMatch10.3.1
ORapplemac_os_xMatch10.3.2
ORapplemac_os_xMatch10.3.3
ORapplemac_os_xMatch10.3.4
ORapplemac_os_xMatch10.3.5
ORapplemac_os_xMatch10.3.6
ORapplemac_os_xMatch10.3.7
ORapplemac_os_xMatch10.3.8
ORapplemac_os_xMatch10.3.9
ORapplemac_os_xMatch10.4
ORapplemac_os_xMatch10.4.2
ORapplemac_os_xMatch10.4.3
ORapplemac_os_xMatch10.4.4
ORapplemac_os_xMatch10.4.5
ORapplemac_os_xMatch10.4.6
ORapplemac_os_xMatch10.4.7
ORapplemac_os_xMatch10.4.8
ORapplemac_os_xMatch10.4.9
ORapplemac_os_xMatch10.4.10
ORapplemac_os_x_serverMatch10.3
ORapplemac_os_x_serverMatch10.3.1
ORapplemac_os_x_serverMatch10.3.2
ORapplemac_os_x_serverMatch10.3.3
ORapplemac_os_x_serverMatch10.3.4
ORapplemac_os_x_serverMatch10.3.5
ORapplemac_os_x_serverMatch10.3.6
ORapplemac_os_x_serverMatch10.3.7
ORapplemac_os_x_serverMatch10.3.8
ORapplemac_os_x_serverMatch10.3.9
ORapplemac_os_x_serverMatch10.4
ORapplemac_os_x_serverMatch10.4.1
ORapplemac_os_x_serverMatch10.4.2
ORapplemac_os_x_serverMatch10.4.3
ORapplemac_os_x_serverMatch10.4.4
ORapplemac_os_x_serverMatch10.4.5
ORapplemac_os_x_serverMatch10.4.6
ORapplemac_os_x_serverMatch10.4.7
ORapplemac_os_x_serverMatch10.4.8
ORapplemac_os_x_serverMatch10.4.9
ORapplemac_os_x_serverMatch10.4.10
appleichat
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:ichat | apple ichat | eq | * |
References
Related
nvd
nvd
CVE-2007-3747
2007-08-03 10:17:00
prion
prion
Design/Logic Flaw
2007-08-03 10:17:00
cvelist
cvelist
CVE-2007-3747
2007-08-03 10:00:00
nessus
nessus
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
2007-08-02 00:00:00
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.034 Low
EPSS
Percentile
91.5%
Related for CVE-2007-3747