Vulnerabilities

CVE-2007-2388

by Fred · 29/05/2007

Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations.

Date published : 2007-05-29

http://lists.apple.com/archives/security-announce/2007/May/msg00005.html

http://www.securityfocus.com/bid/24221

Similar

Tags: Cybersecurity Alert