CVE-2007-3751 - Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attacker

CVE-2007-3751

Summary

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 26-10-2018 - 13:58)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

apple	APPLE-SA-2007-11-05
bid	26339
cert	TA07-310A
cert-vn	VU#319771
confirm	http://docs.info.apple.com/article.html?artnum=306896
osvdb	38548
sectrack	1018894
secunia	27523
vupen	ADV-2007-3723
xf	apple-quicktime-javaapplet-code-execution(38271)

Last major update

26-10-2018 - 13:58

Published

07-11-2007 - 23:46

Last modified

26-10-2018 - 13:58