9.3
CVE-2007-2397
- EPSS 6.88%
- Veröffentlicht 15.07.2007 21:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.88% | 0.932 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://docs.info.apple.com/article.html?artnum=305947
http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html
http://secunia.com/advisories/26034
http://www.securitytracker.com/id?1018373
http://www.us-cert.gov/cas/techalerts/TA07-193A.html
http://www.vupen.com/english/advisories/2007/2510
http://www.securityfocus.com/bid/24873
http://osvdb.org/36132
https://exchange.xforce.ibmcloud.com/vulnerabilities/35358