Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.2.7
There are 3,252 matching records.
Displaying matches 3,041 through 3,060.
Vuln ID Summary CVSS Severity
CVE-2010-3638

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac OS X, when Safari is used, allows attackers to obtain sensitive information via unknown vectors.

Published: November 07, 2010; 5:00:01 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-3654

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.

Published: October 29, 2010; 3:00:02 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-3887

The Limit Mail feature in the Parental Controls functionality in Mail on Apple Mac OS X does not properly enforce the correspondence whitelist, which allows remote attackers to bypass intended access restrictions and conduct e-mail communication by leveraging knowledge of a child's e-mail address and a parent's e-mail address, related to parental notification of unapproved e-mail addresses.

Published: October 08, 2010; 6:00:36 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-3623

Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Published: October 06, 2010; 1:00:16 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-2530

Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.

Published: September 29, 2010; 1:00:04 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2010-2884

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.

Published: September 15, 2010; 2:00:44 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-2770

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted font in a data: URL.

Published: September 09, 2010; 3:00:02 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-2808

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.

Published: August 19, 2010; 2:00:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2807

FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2806

Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.

Published: August 19, 2010; 2:00:05 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2805

The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2520

Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2010-2519

Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2500

Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2499

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2498

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.

Published: August 19, 2010; 2:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2497

Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Published: August 19, 2010; 2:00:03 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1898

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability."

Published: August 11, 2010; 2:47:50 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-0019

Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and framework outage) via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability."

Published: August 11, 2010; 2:47:49 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1777

Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL.

Published: July 30, 2010; 9:26:13 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH