Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-0730 | 1 Apple | 2 Mac Os X, Server Manager | 2017-07-28 | 6.8 MEDIUM | N/A |
Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently validate authentication credentials, which allows remote attackers to bypass authentication and modify system configuration. | |||||
CVE-2007-0715 | 1 Apple | 1 Quicktime | 2017-07-28 | 5.8 MEDIUM | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file. | |||||
CVE-2007-0726 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 5.0 MEDIUM | N/A |
The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys. | |||||
CVE-2007-0462 | 1 Apple | 2 Mac Os X, Quicktime | 2017-07-28 | 10.0 HIGH | N/A |
The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption. | |||||
CVE-2007-0229 | 2 Apple, Freebsd | 3 Mac Os X, Mac Os X Server, Freebsd | 2017-07-28 | 7.2 HIGH | N/A |
Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem. | |||||
CVE-2007-0467 | 1 Apple | 1 Mac Os X | 2017-07-28 | 6.2 MEDIUM | N/A |
crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/. | |||||
CVE-2007-0465 | 1 Apple | 2 Installer, Mac Os X | 2017-07-28 | 7.6 HIGH | N/A |
Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename. | |||||
CVE-2007-0724 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 6.9 MEDIUM | N/A |
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console. | |||||
CVE-2007-0728 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 4.4 MEDIUM | N/A |
Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files. | |||||
CVE-2007-0716 | 1 Apple | 1 Quicktime | 2017-07-28 | 5.8 MEDIUM | N/A |
Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file. | |||||
CVE-2007-0717 | 1 Apple | 1 Quicktime | 2017-07-28 | 5.8 MEDIUM | N/A |
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file. | |||||
CVE-2007-0731 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. | |||||
CVE-2007-0733 | 1 Apple | 2 Imageio, Mac Os X | 2017-07-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption. | |||||
CVE-2007-0736 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 9.3 HIGH | N/A |
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. | |||||
CVE-2007-0740 | 1 Apple | 1 Mac Os X | 2017-07-28 | 6.8 MEDIUM | N/A |
Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files. | |||||
CVE-2003-1414 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2017-07-28 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. | |||||
CVE-2006-6127 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 2.1 LOW | N/A |
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent. | |||||
CVE-2006-6126 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 2.1 LOW | N/A |
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure. | |||||
CVE-2006-6129 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 4.6 MEDIUM | N/A |
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption. | |||||
CVE-2006-6130 | 1 Apple | 1 Mac Os X | 2017-07-28 | 4.9 MEDIUM | N/A |
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket. |