Search Results (Refine Search)
- CPE Product Version: cpe:/o:apple:mac_os_x_server:10.5.8
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-1845 |
ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PSD image. Published: November 16, 2010; 5:00:15 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1841 |
Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2010-1840 |
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2010-1838 |
Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2010-1837 |
CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1836 |
Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1832 |
Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a crafted embedded font in a document. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1831 |
Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1830 |
AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-1829 |
Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share. Published: November 15, 2010; 6:00:04 PM -0500 |
V3.x:(not available) V2.0: 6.0 MEDIUM |
CVE-2010-1828 |
AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon restart) via crafted reconnect authentication packets. Published: November 15, 2010; 6:00:03 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-1808 |
Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. Published: August 25, 2010; 4:00:16 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1802 |
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com. Published: August 25, 2010; 4:00:16 PM -0400 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2010-1801 |
Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file. Published: August 25, 2010; 4:00:16 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1796 |
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields. Published: July 30, 2010; 4:30:02 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2010-1793 |
Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-face or (2) use element in an SVG document. Published: July 30, 2010; 4:30:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2010-1792 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression. Published: July 30, 2010; 4:30:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2010-1791 |
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index. Published: July 30, 2010; 4:30:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2010-1790 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to a "reentrancy issue." Published: July 30, 2010; 4:30:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2010-1789 |
Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object. Published: July 30, 2010; 4:30:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |