CVE-2007-2393

critical

Description

The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35359

http://www.vupen.com/english/advisories/2007/2510

http://www.us-cert.gov/cas/techalerts/TA07-193A.html

http://www.securitytracker.com/id?1018373

http://www.securityfocus.com/bid/24873

http://secunia.com/advisories/26034

http://osvdb.org/36135

http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html

http://docs.info.apple.com/article.html?artnum=305947

Details

Source: Mitre, NVD

Published: 2007-07-15

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.11782

Detections

Analytics