QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:30
Type | Values Removed | Values Added |
---|---|---|
References | () http://docs.info.apple.com/article.html?artnum=305947 - | |
References | () http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html - Patch | |
References | () http://osvdb.org/36131 - | |
References | () http://secunia.com/advisories/26034 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/24873 - | |
References | () http://www.securitytracker.com/id?1018373 - | |
References | () http://www.us-cert.gov/cas/techalerts/TA07-193A.html - US Government Resource | |
References | () http://www.vupen.com/english/advisories/2007/2510 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/35361 - |
Information
Published : 2007-07-15 21:30
Updated : 2024-11-21 00:30
NVD link : CVE-2007-2402
Mitre link : CVE-2007-2402
CVE.ORG link : CVE-2007-2402
JSON object : View
Products Affected
apple
- quicktime
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor