Apple Quicktime For Java Variant Information Disclosure Vulnerability
BID:24222
Info
Apple Quicktime For Java Variant Information Disclosure Vulnerability
| Bugtraq ID: | 24222 |
| Class: | Design Error |
| CVE: |
CVE-2007-2389 |
| Remote: | Yes |
| Local: | No |
| Published: | May 29 2007 12:00AM |
| Updated: | May 30 2007 08:01PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Apple QuickTime Player 7.1.6 |
| Not Vulnerable: | |
Discussion
Apple Quicktime For Java Variant Information Disclosure Vulnerability
Apple QuickTime for Java is prone to an information-disclosure vulnerability.
Attackers may exploit this issue by convincing victims into visiting a malicious website.
Exploiting this issue may allow remote attackers to view memory that may contain sensitive information.
Apple QuickTime for Java is prone to an information-disclosure vulnerability.
Attackers may exploit this issue by convincing victims into visiting a malicious website.
Exploiting this issue may allow remote attackers to view memory that may contain sensitive information.
Exploit / POC
Apple Quicktime For Java Variant Information Disclosure Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Apple Quicktime For Java Variant Information Disclosure Vulnerability
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
Apple QuickTime Player 7.1.6
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
Apple QuickTime Player 7.1.6
-
Apple Security Update (QuickTime 7.1.6 for Mac)
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=14012&cat= 57&platform=osx&method=sa/SecUpdQuickTime716.dmg -
Apple Security Update (QuickTime 7.1.6 for Windows)
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=14013&cat= 57&platform=osx&method=sa/SecUpdQuickTime716.msi
References
Apple Quicktime For Java Variant Information Disclosure Vulnerability
References:
References: