VYPR

Mac OS X

by Apple Inc.

CVEs (2,090)

  • CVE-2006-3508Sep 21, 2006
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.

  • CVE-2006-3509Sep 21, 2006
    risk 0.00cvss epss 0.01

    Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.

  • CVE-2006-4887Sep 19, 2006
    risk 0.00cvss epss 0.00

    Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be…

  • CVE-2006-3506Aug 21, 2006
    risk 0.00cvss epss 0.00

    Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name."

  • CVE-2006-3504Aug 3, 2006
    risk 0.00cvss epss 0.01

    The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.

  • CVE-2006-3505Aug 3, 2006
    risk 0.00cvss epss 0.04

    WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated.

  • CVE-2006-3502Aug 3, 2006
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.

  • CVE-2006-3503Aug 3, 2006
    risk 0.00cvss epss 0.03

    Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image.

  • CVE-2006-3499Aug 3, 2006
    risk 0.00cvss epss 0.00

    The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications.

  • CVE-2006-0393Aug 3, 2006
    risk 0.00cvss epss 0.02

    OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine account existence by attempting to log in using an invalid user, which causes the server to hang.

  • CVE-2006-3500Aug 3, 2006
    risk 0.00cvss epss 0.00

    The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability.

  • CVE-2006-0392Aug 3, 2006
    risk 0.00cvss epss 0.03

    Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image.

  • CVE-2006-3501Aug 3, 2006
    risk 0.00cvss epss 0.03

    Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image.

  • CVE-2006-3495Aug 2, 2006
    risk 0.00cvss epss 0.01

    AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users.

  • CVE-2006-1473Aug 2, 2006
    risk 0.00cvss epss 0.05

    Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors.

  • CVE-2006-1472Aug 2, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results.

  • CVE-2006-3496Aug 2, 2006
    risk 0.00cvss epss 0.03

    AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition.

  • CVE-2006-3497Aug 2, 2006
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.

  • CVE-2006-3946Jul 31, 2006
    risk 0.00cvss epss 0.05

    WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally…

  • CVE-2006-3356Jul 6, 2006
    risk 0.00cvss epss 0.01

    The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue…

Page 94 of 105