PT-2007-4987 · Oracle+1 · Java+2
Publicado
2007-08-03
·
Atualizado
2017-07-29
·
CVE-2007-3746
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Java interface to CoreAudio on Mac OS X versions 10.3.9 through 10.4.10
Description
The issue is related to improper bounds checking of heap read and write operations in the Java interface to CoreAudio. This allows remote attackers to execute arbitrary code via a crafted applet.
Recommendations
For Mac OS X versions 10.3.9 through 10.4.10, consider disabling the Java interface to CoreAudio as a temporary workaround until a patch is available. Restrict access to the CoreAudio interface to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Coreaudio
Java
Macos X