Unrated severityNVD Advisory· Published Jul 15, 2007· Updated Apr 23, 2026

CVE-2007-2402

Description

QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.

Affected products

Apple Inc./Quicktime12 versions
cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/Security-announce/2007/Jul/msg00001.htmlnvdPatch
secunia.com/advisories/26034nvdPatchVendor Advisory
www.us-cert.gov/cas/techalerts/TA07-193A.htmlnvdUS Government Resource
docs.info.apple.com/article.htmlnvd
osvdb.org/36131nvd
www.securityfocus.com/bid/24873nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/2510nvd
exchange.xforce.ibmcloud.com/vulnerabilities/35361nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000