VYPR

Mac OS X Server

by Apple Inc.

CVEs (668)

  • CVE-2006-0396 (Mar 14, 2006)
    risk 0.04 | cvss | epss 0.11

    Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user…

  • CVE-2005-4504 (Dec 22, 2005)
    risk 0.04 | cvss | epss 0.12

    The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute…

  • CVE-2004-0486 (Jul 7, 2004)
    risk 0.04 | cvss | epss 0.10

    HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a…

  • CVE-2015-5722 (Sep 5, 2015)
    risk 0.03 | cvss | epss 0.34

    buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.

  • CVE-2011-0182 (Mar 23, 2011)
    risk 0.03 | cvss | epss 0.02

    The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.

  • CVE-2011-0180 (Mar 23, 2011)
    risk 0.03 | cvss | epss 0.01

    Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call.

  • CVE-2009-2820 (Nov 10, 2009)
    risk 0.03 | cvss | epss 0.06

    The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks…

  • CVE-2009-1238 (Apr 2, 2009)
    risk 0.03 | cvss | epss 0.01

    Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads,…

  • CVE-2009-1237 (Apr 2, 2009)
    risk 0.03 | cvss | epss 0.01

    Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.

  • CVE-2009-1235 (Apr 2, 2009)
    risk 0.03 | cvss | epss 0.01

    XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain…

  • CVE-2008-1000 (Mar 18, 2008)
    risk 0.03 | cvss | epss 0.03

    Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments.

  • CVE-2007-0753 (May 24, 2007)
    risk 0.03 | cvss | epss 0.01

    Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.

  • CVE-2007-0752 (May 24, 2007)
    risk 0.03 | cvss | epss 0.01

    The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.

  • CVE-2007-0229 (Jan 13, 2007)
    risk 0.03 | cvss | epss 0.01

    Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer…

  • CVE-2007-0117 (Jan 9, 2007)
    risk 0.03 | cvss | epss 0.05

    DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon…

  • CVE-2006-6129 (Nov 27, 2006)
    risk 0.03 | cvss | epss 0.01

    Integer overflow in the fatfile_getarch2 function in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.

  • CVE-2006-6062 (Nov 22, 2006)
    risk 0.03 | cvss | epss 0.05

    Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.

  • CVE-2006-3507 (Sep 21, 2006)
    risk 0.03 | cvss | epss 0.01

    Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network.

  • CVE-2006-4866 (Sep 19, 2006)
    risk 0.03 | cvss | epss 0.01

    Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.

  • CVE-2005-2713 (Dec 31, 2005)
    risk 0.03 | cvss | epss 0.01

    passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
