CVE-2007-3746

Currently unrated

Key Information:

Vendor: Apple
Status: Ichat
Vendor: CVE Published:; 3 August 2007

Summary

The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote attackers to execute arbitrary code via a crafted applet.

References

http://www.vupen.com/english/advisories/2007/2732

vdb-entryx_refsource_VUPEN

http://lists.apple.com/archives/security-announce//2007/J...

vendor-advisoryx_refsource_APPLE

https://exchange.xforce.ibmcloud.com/vulnerabilities/35727

vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 3, 2007
Vulnerability Reserved
Jul 12, 2007