VYPR

CoreAudio

by Apple Inc.

CVEs (5)

  • CVE-2010-0036HigJan 20, 2010
    risk 0.51cvss 7.8epss 0.04

    Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.

  • CVE-2010-0060Mar 30, 2010
    risk 0.00cvss epss 0.03

    CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDMC encoding.

  • CVE-2007-3747Aug 3, 2007
    risk 0.00cvss epss 0.03

    The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instantiation and manipulation to valid heap addresses, which allows remote attackers to execute arbitrary code via a crafted applet.

  • CVE-2007-3746Aug 3, 2007
    risk 0.00cvss epss 0.03

    The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote attackers to execute arbitrary code via a crafted applet.

  • CVE-2007-3745Aug 3, 2007
    risk 0.00cvss epss 0.03

    The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code.