Unrated severityNVD Advisory· Published Jul 15, 2007· Updated Jun 16, 2026
CVE-2007-2402
CVE-2007-2402
Description
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.
Affected products
13cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*
- Range: <7.2
Patches
Vulnerability mechanics
References
9- lists.apple.com/archives/Security-announce/2007/Jul/msg00001.htmlnvdPatch
- secunia.com/advisories/26034nvdPatchVendor Advisory
- www.us-cert.gov/cas/techalerts/TA07-193A.htmlnvdUS Government Resource
- docs.info.apple.com/article.htmlnvd
- osvdb.org/36131nvd
- www.securityfocus.com/bid/24873nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2007/2510nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/35361nvd
News mentions
0No linked articles in our index yet.