Search Results (Refine Search)
- CPE Product Version: cpe:/o:apple:mac_os_x:10.5.6
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-0019 |
Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access. Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2009-0018 |
The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory. Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-0017 |
csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow. Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2009-0015 |
Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows local users to obtain sensitive information (filesystem activities and directory names) via unknown vectors related to "credential management." Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0014 |
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder. Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2009-0013 |
dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information. Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2009-0012 |
Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string. Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2009-0011 |
Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file. Published: February 12, 2009; 7:30:04 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2009-0009 |
Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption. Published: February 12, 2009; 7:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-0142 |
Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic." Published: February 12, 2009; 6:30:01 PM -0500 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2008-3529 |
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. Published: September 12, 2008; 12:56:20 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2008-2939 |
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. Published: August 06, 2008; 2:41:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-6166 |
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. Published: November 28, 2007; 8:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-0712 |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. Published: March 05, 2007; 5:19:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-0714 |
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value. Published: March 05, 2007; 5:19:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |