VYPR

Mac OS X Server

by Apple Inc.

CVEs (668)

  • CVE-2006-6127Nov 27, 2006
    risk 0.00cvss epss 0.00

    Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.

  • CVE-2006-6126Nov 27, 2006
    risk 0.00cvss epss 0.00

    Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.

  • CVE-2006-3509Sep 21, 2006
    risk 0.00cvss epss 0.01

    Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.

  • CVE-2006-3508Sep 21, 2006
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.

  • CVE-2006-3506Aug 21, 2006
    risk 0.00cvss epss 0.00

    Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name."

  • CVE-2006-3504Aug 3, 2006
    risk 0.00cvss epss 0.01

    The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.

  • CVE-2006-3505Aug 3, 2006
    risk 0.00cvss epss 0.04

    WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated.

  • CVE-2006-3499Aug 3, 2006
    risk 0.00cvss epss 0.00

    The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications.

  • CVE-2006-3502Aug 3, 2006
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.

  • CVE-2006-0392Aug 3, 2006
    risk 0.00cvss epss 0.03

    Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image.

  • CVE-2006-3503Aug 3, 2006
    risk 0.00cvss epss 0.03

    Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image.

  • CVE-2006-3501Aug 3, 2006
    risk 0.00cvss epss 0.03

    Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image.

  • CVE-2006-3500Aug 3, 2006
    risk 0.00cvss epss 0.00

    The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability.

  • CVE-2006-0393Aug 3, 2006
    risk 0.00cvss epss 0.02

    OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine account existence by attempting to log in using an invalid user, which causes the server to hang.

  • CVE-2006-1472Aug 2, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results.

  • CVE-2006-3496Aug 2, 2006
    risk 0.00cvss epss 0.03

    AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition.

  • CVE-2006-3495Aug 2, 2006
    risk 0.00cvss epss 0.01

    AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users.

  • CVE-2006-1473Aug 2, 2006
    risk 0.00cvss epss 0.05

    Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors.

  • CVE-2006-3497Aug 2, 2006
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.

  • CVE-2006-3356Jul 6, 2006
    risk 0.00cvss epss 0.01

    The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue…

Page 27 of 34