Code Execution Vulnerability in QuickTime for Java by Apple
CVE-2007-3751

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Windows Vista; Windows Xp
Vendor: CVE Published:; 7 November 2007

Summary

An unspecified vulnerability in QuickTime for Java allows remote attackers to execute arbitrary code by exploiting untrusted Java applets that gain elevated privileges through unknown methods. This can compromise the integrity of systems running affected versions of QuickTime prior to 7.3, leading to potential unauthorized actions and data breaches.

References

http://www.us-cert.gov/cas/techalerts/TA07-310A.html

third-party-advisoryx_refsource_CERT

http://docs.info.apple.com/article.html?artnum=306896

x_refsource_CONFIRM

http://lists.apple.com/archives/Security-announce/2007/No...

vendor-advisoryx_refsource_APPLE

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 7, 2007
Vulnerability Reserved
Jul 12, 2007