arrow_back
search
close

Apple QuickTime QTJava 'toQTPointer()' Arbitrary Memory Access Vulnerability

  Severity: HIGH
  CVE Identifier: CVE-2007-2175
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Apple QuickTime Java extensions (QTJava.dll), as used in Safari, when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1006001
  Trend Micro Deep Security DPI Rule Name: 1006001 - Apple QuickTime QTJava 'toQTPointer()' Arbitrary Memory Access Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • Apple Safari