Search Results
- CPE Product Version: cpe:/o:apple:mac_os_x:10.5.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2008-1000 | Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments. Published: March 18, 2008; 7:44:00 PM -0400 | V3.x: (not available); V2.0: 8.5 HIGH |
CVE-2008-0044 | Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL. Published: March 18, 2008; 6:44:00 PM -0400 | V3.x: (not available); V2.0: 5.8 MEDIUM |
CVE-2008-0046 | The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions. Published: March 18, 2008; 6:44:00 PM -0400 | V3.x: (not available); V2.0: 5.0 MEDIUM |
CVE-2007-6276 | The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. Published: December 07, 2007; 6:46:00 AM -0500 | V3.x: (not available); V2.0: 7.8 HIGH |
CVE-2007-5901 | Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Published: December 05, 2007; 9:46:00 PM -0500 | V3.x: (not available); V2.0: 6.9 MEDIUM |
CVE-2007-5971 | Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Published: December 05, 2007; 9:46:00 PM -0500 | V3.x: (not available); V2.0: 6.9 MEDIUM |
CVE-2007-6166 | Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. Published: November 28, 2007; 8:46:00 PM -0500 | V3.x: (not available); V2.0: 9.3 HIGH |
CVE-2007-0712 | Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. Published: March 05, 2007; 5:19:00 PM -0500 | V3.x: (not available); V2.0: 9.3 HIGH |
CVE-2007-0714 | Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value. Published: March 05, 2007; 5:19:00 PM -0500 | V3.x: (not available); V2.0: 9.3 HIGH |