Heap Overflow Vulnerability in Apple Java for Mac OS X
CVE-2007-3746

Currently unrated

Key Information:

Vendor: Apple
Status: Ichat
Vendor: CVE Published:; 3 August 2007

What is CVE-2007-3746?

The Java interface to CoreAudio on Apple Mac OS X versions 10.3.9 and 10.4.10 contains a heap overflow vulnerability that fails to properly validate bounds of heap read and write operations. This flaw can be exploited by malicious actors through specially crafted applets, potentially allowing them to execute arbitrary code on the affected systems. Users running these versions are advised to apply necessary updates or mitigations to safeguard against possible exploits.

References

http://www.vupen.com/english/advisories/2007/2732

vdb-entryx_refsource_VUPEN

http://lists.apple.com/archives/security-announce//2007/J...

vendor-advisoryx_refsource_APPLE

https://exchange.xforce.ibmcloud.com/vulnerabilities/35727

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 3, 2007
Vulnerability Reserved
Jul 12, 2007