Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.2.7
There are 3,252 matching records.
Displaying matches 2,861 through 2,880.
Vuln ID Summary CVSS Severity
CVE-2012-0659

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

Published: May 10, 2012; 11:49:59 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-0658

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded.

Published: May 10, 2012; 11:49:59 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-0657

Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors.

Published: May 10, 2012; 11:49:59 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2012-0655

libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site that uses a short key.

Published: May 10, 2012; 11:49:58 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2012-0654

libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate.

Published: May 10, 2012; 11:49:58 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-0649

Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file.

Published: May 10, 2012; 11:49:58 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2012-0777

The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Published: April 10, 2012; 7:55:01 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-3058

Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

Published: March 30, 2012; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-0773

The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Published: March 28, 2012; 3:55:00 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-1929

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area.

Published: March 27, 2012; 11:22:10 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2012-0769

Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.

Published: March 05, 2012; 4:55:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0768

The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Published: March 05, 2012; 4:55:00 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0767

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.

Published: February 16, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-0756

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0755.

Published: February 16, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0755

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0756.

Published: February 16, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0754

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Published: February 16, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0753

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data.

Published: February 16, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0752

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."

Published: February 16, 2012; 2:55:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0751

The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Published: February 16, 2012; 2:55:00 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0014

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Unmanaged Objects Vulnerability."

Published: February 14, 2012; 5:55:01 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH