Vulnerability Description
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.
CVSS Score
9.3
HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Quicktime | - |
References
- http://docs.info.apple.com/article.html?artnum=305947Patch
- http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.htmlPatch
- http://osvdb.org/36135
- http://secunia.com/advisories/26034PatchVendor Advisory
- http://www.securityfocus.com/bid/24873
- http://www.securitytracker.com/id?1018373
- http://www.us-cert.gov/cas/techalerts/TA07-193A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/2510
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35359
- http://docs.info.apple.com/article.html?artnum=305947Patch
- http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.htmlPatch
- http://osvdb.org/36135
- http://secunia.com/advisories/26034PatchVendor Advisory
- http://www.securityfocus.com/bid/24873
- http://www.securitytracker.com/id?1018373
FAQ
What is CVE-2007-2393?
CVE-2007-2393 is a vulnerability with a CVSS score of 9.3 (HIGH). The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary c...
How severe is CVE-2007-2393?
CVE-2007-2393 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2393?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Quicktime.