Описание
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.
Ссылки
- Patch
- Patch
- PatchVendor Advisory
- US Government Resource
- Patch
- Patch
- PatchVendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.32177
Средний
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.
EPSS
Процентиль: 97%
0.32177
Средний
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other