mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
180 lines
5.6 KiB
JSON
180 lines
5.6 KiB
JSON
{
|
|
"id": "CVE-2007-2393",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-07-15T21:30:00.000",
|
|
"lastModified": "2018-10-30T16:25:17.590",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El dise\u00f1o del QuickTime para Java en el Apple Quicktime anterior al 7.2 permite a atacantes remotos evitar ciertos controles de seguridad y escribir en procesos de memoria a trav\u00e9s de applets de Java, posiblemente conllevando una ejecuci\u00f3n de c\u00f3digo de su elecci\u00f3n."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1EE08FAE-0862-4C36-95BC-878B04CBF397"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F075BA0F-4A96-4F25-AF1D-C64C7DCE1CDC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8692B488-129A-49EA-AF84-6077FCDBB898"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1758610B-3789-489E-A751-386D605E5A08"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B535737C-BF32-471C-B26A-588632FCC427"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DF2C61F8-B376-40F9-8677-CADCC3295915"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6254BB56-5A25-49DC-A851-3CCA249BD71D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "795E3354-7824-4EF4-A788-3CFEB75734E4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9419A1E9-A0DA-4846-8959-BE50B53736E5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "952A8015-B18B-481C-AC17-60F0D7EEE085"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3E518B27-A79B-43A4-AFA6-E59EF8E944D3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:quicktime:7.1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AEC6EF36-93B3-49BB-9A6F-1990E3F4170E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://docs.info.apple.com/article.html?artnum=305947",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/36135",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/26034",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/24873",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1018373",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.us-cert.gov/cas/techalerts/TA07-193A.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/2510",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35359",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |