Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-2809 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues." | ||||
CVE-2009-2807 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. | ||||
CVE-2009-2805 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | ||||
CVE-2009-2804 | 2 Apple, Microsoft | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2017-08-17 | N/A |
Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. | ||||
CVE-2009-2803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | ||||
CVE-2009-2800 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file. | ||||
CVE-2009-2194 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Apple Mac OS X 10.5 before 10.5.8 does not properly share file descriptors over local sockets, which allows local users to cause a denial of service (system crash) by placing file descriptors in messages sent to a socket that has no receiver, related to a "synchronization issue." | ||||
CVE-2009-2193 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet. | ||||
CVE-2009-2192 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a "logic issue." | ||||
CVE-2009-2191 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name. | ||||
CVE-2009-2190 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to cause a denial of service (individual service outage) by making many connections to an inetd-based launchd service. | ||||
CVE-2009-2188 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata. | ||||
CVE-2009-1728 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before 10.5.8, and 10.4 before Digital Camera RAW Compatibility Update 2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image. | ||||
CVE-2009-1727 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari. | ||||
CVE-2009-1723 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL in a certificate warning in certain 302 redirection scenarios, which makes it easier for remote attackers to trick a user into visiting an arbitrary https web site by leveraging an open redirect vulnerability, a different issue than CVE-2009-2062. | ||||
CVE-2009-0943 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files. | ||||
CVE-2009-0942 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | N/A |
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files. | ||||
CVE-2009-0162 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2017-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL. | ||||
CVE-2009-0161 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 misinterprets an unspecified invalid response as a successful OCSP certificate validation, which might allow remote attackers to spoof certificate authentication via a revoked certificate. | ||||
CVE-2009-0157 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers. |