Apple QuickTime Java Extension Multiple Security Bypass Vulnerabilities
BID:53003
Info
Apple QuickTime Java Extension Multiple Security Bypass Vulnerabilities
| Bugtraq ID: | 53003 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 12 2012 12:00AM |
| Updated: | Jun 25 2012 11:20PM |
| Credit: | Adam Gowdiak |
| Vulnerable: |
Apple QuickTime Player 7.7.1 |
| Not Vulnerable: | |
Discussion
Apple QuickTime Java Extension Multiple Security Bypass Vulnerabilities
Apple QuickTime Java Extension is prone to multiple security-bypass vulnerabilities.
Attackers can exploit these issues to bypass certain security restrictions and modify application settings or to execute arbitrary code.
Apple QuickTime Java Extension is prone to multiple security-bypass vulnerabilities.
Attackers can exploit these issues to bypass certain security restrictions and modify application settings or to execute arbitrary code.
Exploit / POC
Apple QuickTime Java Extension Multiple Security Bypass Vulnerabilities
An attacker can exploit this issue using readily available tools.
An attacker can exploit this issue using readily available tools.
Solution / Fix
Apple QuickTime Java Extension Multiple Security Bypass Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Apple QuickTime Java Extension Multiple Security Bypass Vulnerabilities
References:
References:
- Apple QuickTime Homepage (Apple)
- Security Vulnerability Repor (Adam Gowdiak)
- [SE-2012-01] Security weakness in Apple Quicktime Java extensions (Security Explorations)