VYPR

Mac OS X Server

by Apple Inc.

CVEs (668)

  • CVE-2011-3422 (Sep 12, 2011)
    risk 0.00 | cvss | epss 0.01

    The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate,…

  • CVE-2011-1132 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.00

    The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

  • CVE-2011-0212 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.02

    servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with…

  • CVE-2011-0208 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.03

    QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.

  • CVE-2011-0207 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.02

    The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network.

  • CVE-2011-0206 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.03

    Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.

  • CVE-2011-0205 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.04

    Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

  • CVE-2011-0204 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.04

    Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

  • CVE-2011-0203 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.02

    Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing.

  • CVE-2011-0202 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.02

    Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.

  • CVE-2011-0201 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.03

    Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow.

  • CVE-2011-0200 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.04

    Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow.

  • CVE-2011-0198 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.04

    Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

  • CVE-2011-0197 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.00

    App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions.

  • CVE-2011-0196 (Jun 24, 2011)
    risk 0.00 | cvss | epss 0.02

    AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network.

  • CVE-2011-0194 (Mar 23, 2011)
    risk 0.00 | cvss | epss 0.03

    Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

  • CVE-2011-0193 (Mar 23, 2011)
    risk 0.00 | cvss | epss 0.03

    Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.

  • CVE-2011-0190 (Mar 23, 2011)
    risk 0.00 | cvss | epss 0.01

    Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server.

  • CVE-2011-0189 (Mar 23, 2011)
    risk 0.00 | cvss | epss 0.01

    The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities.

  • CVE-2011-0184 (Mar 23, 2011)
    risk 0.00 | cvss | epss 0.03

    QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an Excel spreadsheet with a crafted formula that uses unspecified opcodes.
