3 matches found
Apple QuickTime for Java security bypass vulnerability
Overview Apple QuickTime for Java fails to properly restrict the instantiation and manipulation of Java objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple QuickTime includes the ability to integrate QuickTim...
QuickTime < 7.1.6 Security Update (Windows)
The version of QuickTime installed on the remote Windows host is less than 7.1.6.200, the version associated with Apple's Security Update QuickTime 7.1.6. As a result, a remote attacker who can trick a user on the affected system into opening a malicious Java applet using QuickTime may be able to...
CVE-2007-2388
CVE-2007-2388 affects Apple QuickTime for Java 7.1.6 on Mac OS X and Windows. The vulnerability arises from improper restriction of QTObject subclassing, allowing a remote attacker to execute arbitrary code via a web page that uses a user-defined class accessing unsafe functions to write to arbit...