Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.02896
Percentile: 0.85767

CVSS Scoring

Affected Products

• cpe:2.3:a:apple:quicktime:*:*:*:*:*:*:*:*

← Back to Home