Apple QuickTime QTJava 'toQTPointer()' Arbitrary Memory Access Vulnerability
Severity: : High
CVE Kennungen: : CVE-2007-2175
Advisory Date: 21 de lipca de 2015
DESCRIPTION
Apple QuickTime Java extensions (QTJava.dll), as used in Safari, when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1006001
Trend Micro Deep Security DPI Rule Name: 1006001 - Apple QuickTime QTJava 'toQTPointer()' Arbitrary Memory Access Vulnerability
AFFECTED SOFTWARE AND VERSION:
- Apple Safari