QuickTime for Java
by Apple Inc.
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-3751 | 0.02 | — | 0.26 | Nov 7, 2007 | Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors. | |||
| CVE-2007-2397 | 0.01 | — | 0.07 | Jul 15, 2007 | QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | |||
| CVE-2007-2393 | 0.01 | — | 0.07 | Jul 15, 2007 | The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution. | |||
| CVE-2007-2402 | 0.00 | — | 0.03 | Jul 15, 2007 | QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets. | |||
| CVE-2007-2389 | 0.00 | — | 0.03 | May 29, 2007 | Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets. | |||
| CVE-2006-5681 | 0.00 | — | 0.02 | Dec 20, 2006 | QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects. |
- CVE-2007-3751Nov 7, 2007risk 0.02cvss —epss 0.26
Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.
- CVE-2007-2397Jul 15, 2007risk 0.01cvss —epss 0.07
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.
- CVE-2007-2393Jul 15, 2007risk 0.01cvss —epss 0.07
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.
- CVE-2007-2402Jul 15, 2007risk 0.00cvss —epss 0.03
QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets.
- CVE-2007-2389May 29, 2007risk 0.00cvss —epss 0.03
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets.
- CVE-2006-5681Dec 20, 2006risk 0.00cvss —epss 0.02
QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.