6.8
CVE-2007-3745
- EPSS 3.36%
- Veröffentlicht 03.08.2007 10:17:00
- Zuletzt bearbeitet 16.06.2026 22:42:38
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ Core Audio Technologies
Apple ≫ macOS X Version10.3.9
Apple ≫ macOS X Version10.4.10
Apple ≫ macOS X Server Version10.3.9
Apple ≫ macOS X Server Version10.4.10
Apple ≫ macOS X Version10.4.10
Apple ≫ macOS X Server Version10.3.9
Apple ≫ macOS X Server Version10.4.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.36% | 0.871 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://secunia.com/advisories/26235
http://www.securityfocus.com/bid/25159
http://www.vupen.com/english/advisories/2007/2732
http://securitytracker.com/id?1018492
https://exchange.xforce.ibmcloud.com/vulnerabilities/35725