Mac OS X Server

by Apple Inc.

CVEs (668)

  • CVE-2007-0751 (May 24, 2007)
    risk 0.00 cvss epss 0.00

    A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.

  • CVE-2007-0750 (May 24, 2007)
    risk 0.00 cvss epss 0.04

    Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file.

  • CVE-2007-0745 (May 2, 2007)
    risk 0.00 cvss epss 0.01

    The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac OS X Server 10.4.9, which might allow remote authenticated users to access additional directories.

  • CVE-2007-0735 (Apr 24, 2007)
    risk 0.00 cvss epss 0.04

    Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions…

  • CVE-2007-0747 (Apr 24, 2007)
    risk 0.00 cvss epss 0.01

    load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.

  • CVE-2007-0744 (Apr 24, 2007)
    risk 0.00 cvss epss 0.00

    SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.

  • CVE-2007-0736 (Apr 24, 2007)
    risk 0.00 cvss epss 0.05

    Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.

  • CVE-2007-0729 (Apr 24, 2007)
    risk 0.00 cvss epss 0.01

    Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.

  • CVE-2007-0732 (Apr 24, 2007)
    risk 0.00 cvss epss 0.00

    Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port."

  • CVE-2007-0725 (Apr 24, 2007)
    risk 0.00 cvss epss 0.00

    Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands."

  • CVE-2007-0721 (Mar 13, 2007)
    risk 0.00 cvss epss 0.03

    Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption.

  • CVE-2007-0722 (Mar 13, 2007)
    risk 0.00 cvss epss 0.04

    Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image.

  • CVE-2007-0724 (Mar 13, 2007)
    risk 0.00 cvss epss 0.01

    The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.

  • CVE-2007-0726 (Mar 13, 2007)
    risk 0.00 cvss epss 0.04

    The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust…

  • CVE-2007-0723 (Mar 13, 2007)
    risk 0.00 cvss epss 0.04

    Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.

  • CVE-2007-0731 (Mar 13, 2007)
    risk 0.00 cvss epss 0.04

    Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.

  • CVE-2007-0728 (Mar 13, 2007)
    risk 0.00 cvss epss 0.00

    Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.

  • CVE-2007-0719 (Mar 13, 2007)
    risk 0.00 cvss epss 0.06

    Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile.

  • CVE-2006-5681 (Dec 20, 2006)
    risk 0.00 cvss epss 0.02

    QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.

  • CVE-2006-6353 (Dec 7, 2006)
    risk 0.00 cvss epss 0.01

    Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS…
