CVE-2007-2175

NONECVSS 0.0

0.0

Apple QuickTime Java extensions (QTJava.dll), as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects, as demonstrated during the "PWN 2 0WN" contest at CanSecWest 2007.

🔗 References (24)

cve@mitrehttp://cansecwest.com/post/2007-04-20-14:54:00.First_Mac_Hacked_Cancel_Or_Allow
cve@mitrehttp://docs.info.apple.com/article.html?artnum=305446
cve@mitrehttp://lists.apple.com/archives/security-announce/2007/May/msg00001.html
cve@mitrehttp://www.kb.cert.org/vuls/id/420668
cve@mitrehttp://www.matasano.com/log/806/hot-off-the-matasano-sms-queue-cansec-macbook-challenge-won/
cve@mitrehttp://www.matasano.com/log/812/breaking-macbook-vuln-in-quicktime-affects-win32-apple-code/
cve@mitrehttp://www.osvdb.org/34178
cve@mitrehttp://www.securityfocus.com/archive/1/467319/100/0/threaded
cve@mitrehttp://www.securitytracker.com/id?1017950
cve@mitrehttp://www.theregister.co.uk/2007/04/20/pwn-2-own_winner/
cve@mitrehttp://www.zerodayinitiative.com/advisories/ZDI-07-023.html
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/33827
af854a3a-2127-422b-91ae-364da2661108http://cansecwest.com/post/2007-04-20-14:54:00.First_Mac_Hacked_Cancel_Or_Allow
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=305446
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2007/May/msg00001.html

Is Your Infrastructure Affected by CVE-2007-2175?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-2175

📅 Published

🔄 Last Modified

🔗 References (24)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-2175?