Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-0156 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service (persistent Finder crash) via a crafted Mach-O executable that triggers an out-of-bounds memory read. | ||||
CVE-2009-0155 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow. | ||||
CVE-2009-0151 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not prevent four-finger Multi-Touch gestures, which allows physically proximate attackers to bypass locking and "manage applications or use Expose" via unspecified vectors. | ||||
CVE-2009-0150 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image. | ||||
CVE-2009-0149 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption. | ||||
CVE-2009-0145 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers memory corruption. | ||||
CVE-2009-0144 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote attackers to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections. | ||||
CVE-2009-0013 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information. | ||||
CVE-2009-0011 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file. | ||||
CVE-2009-0009 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption. | ||||
CVE-2008-4234 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a "potentially unsafe" warning message. | ||||
CVE-2008-4215 | 1 Apple | 1 Mac Os X Server | 2017-08-08 | N/A |
Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions. | ||||
CVE-2008-4214 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files. | ||||
CVE-2008-4212 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions. | ||||
CVE-2008-3647 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment. | ||||
CVE-2008-3645 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. | ||||
CVE-2008-3643 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue." | ||||
CVE-2008-3642 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile. | ||||
CVE-2008-3638 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from accessing file:// URLs, which allows remote attackers to execute arbitrary programs. | ||||
CVE-2008-3622 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection." |