CVE-2007-2396 Information

Description

The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces which allows remote attackers to execute arbitrary code via crafted Java applets.

Reference

http://docs.info.apple.com/article.html?artnum=305947 http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html http://osvdb.org/36133 http://secunia.com/advisories/26034 http://www.securityfocus.com/bid/24873 http://www.securitytracker.com/id?1018373 http://www.us-cert.gov/cas/techalerts/TA07-193A.html http://www.vupen.com/english/advisories/2007/2510 https://exchange.xforce.ibmcloud.com/vulnerabilities/35360