VYPR

Mac OS X Server

by Apple Inc.

CVEs (668)

  • CVE-2009-0154May 13, 2009
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font.

  • CVE-2009-0153May 13, 2009
    risk 0.00cvss epss 0.04

    International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle…

  • CVE-2009-0150May 13, 2009
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image.

  • CVE-2009-0149May 13, 2009
    risk 0.00cvss epss 0.00

    Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption.

  • CVE-2009-0145May 13, 2009
    risk 0.00cvss epss 0.05

    CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers…

  • CVE-2009-0144May 13, 2009
    risk 0.00cvss epss 0.02

    CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote attackers to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections.

  • CVE-2008-1517May 13, 2009
    risk 0.00cvss epss 0.00

    Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (system shutdown) via unspecified vectors related to workqueues.

  • CVE-2009-0140Feb 13, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name.

  • CVE-2009-0139Feb 13, 2009
    risk 0.00cvss epss 0.03

    Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow.

  • CVE-2009-0138Feb 13, 2009
    risk 0.00cvss epss 0.04

    servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration.

  • CVE-2009-0020Feb 13, 2009
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption.

  • CVE-2009-0019Feb 13, 2009
    risk 0.00cvss epss 0.02

    Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access.

  • CVE-2009-0018Feb 13, 2009
    risk 0.00cvss epss 0.03

    The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory.

  • CVE-2009-0017Feb 13, 2009
    risk 0.00cvss epss 0.00

    csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow.

  • CVE-2009-0015Feb 13, 2009
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows local users to obtain sensitive information (filesystem activities and directory names) via unknown vectors related to "credential management."

  • CVE-2009-0014Feb 13, 2009
    risk 0.00cvss epss 0.00

    Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder.

  • CVE-2009-0013Feb 13, 2009
    risk 0.00cvss epss 0.00

    dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information.

  • CVE-2009-0012Feb 13, 2009
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.

  • CVE-2009-0011Feb 13, 2009
    risk 0.00cvss epss 0.00

    Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file.

  • CVE-2009-0009Feb 13, 2009
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption.

Page 20 of 34