VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2010-0526Mar 30, 2010
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not…

  • CVE-2010-0525Mar 30, 2010
    risk 0.00cvss epss 0.01

    Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient, which might make it easier for remote attackers to obtain sensitive information via a brute-force…

  • CVE-2010-0524Mar 30, 2010
    risk 0.00cvss epss 0.01

    The default configuration of the FreeRADIUS server in Apple Mac OS X Server before 10.6.3 permits EAP-TLS authenticated connections on the basis of an arbitrary client certificate, which allows remote attackers to obtain network connectivity via a crafted RADIUS Access Request…

  • CVE-2010-0521Mar 30, 2010
    risk 0.00cvss epss 0.02

    Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for directory binding, which allows remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests.

  • CVE-2010-0518Mar 30, 2010
    risk 0.00cvss epss 0.03

    QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with Sorenson encoding.

  • CVE-2010-0517Mar 30, 2010
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with M-JPEG encoding, which causes QuickTime to calculate a buffer size using…

  • CVE-2010-0516Mar 30, 2010
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding, which triggers memory corruption when the length of decompressed…

  • CVE-2010-0515Mar 30, 2010
    risk 0.00cvss epss 0.03

    QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with H.264 encoding.

  • CVE-2010-0514Mar 30, 2010
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.261 encoding.

  • CVE-2010-0513Mar 30, 2010
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PostScript document.

  • CVE-2010-0512Mar 30, 2010
    risk 0.00cvss epss 0.02

    The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering…

  • CVE-2010-0511Mar 30, 2010
    risk 0.00cvss epss 0.01

    Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the access restrictions of a Podcast Composer workflow when this workflow is overwritten, which allows attackers to access a workflow via unspecified vectors.

  • CVE-2010-0509Mar 30, 2010
    risk 0.00cvss epss 0.00

    SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accounts.

  • CVE-2010-0508Mar 30, 2010
    risk 0.00cvss epss 0.02

    Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors.

  • CVE-2010-0507Mar 30, 2010
    risk 0.00cvss epss 0.03

    Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PEF image.

  • CVE-2010-0506Mar 30, 2010
    risk 0.00cvss epss 0.03

    Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted NEF image.

  • CVE-2010-0505Mar 30, 2010
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 (JPEG2000) image, related to incorrect calculation and the CGImageReadGetBytesAtOffset…

  • CVE-2010-0500Mar 30, 2010
    risk 0.00cvss epss 0.02

    Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue."

  • CVE-2010-0498Mar 30, 2010
    risk 0.00cvss epss 0.00

    Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors.

  • CVE-2010-0497Mar 30, 2010
    risk 0.00cvss epss 0.03

    Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file type in an internet enabled disk image, which makes it easier for user-assisted remote attackers to execute arbitrary code via a package file type.

Page 78 of 105