National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:apple:mac_os_x_server:10.6.4
There are 165 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2010-3785

Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document.

Published: November 16, 2010; 05:00:16 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-3784

The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls.

Published: November 16, 2010; 05:00:15 PM -05:00
    V2: 5.0 MEDIUM
CVE-2010-3783

Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors.

Published: November 16, 2010; 05:00:15 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1847

The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors.

Published: November 16, 2010; 05:00:15 PM -05:00
    V2: 4.9 MEDIUM
CVE-2010-1846

Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image.

Published: November 16, 2010; 05:00:15 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1845

ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PSD image.

Published: November 16, 2010; 05:00:15 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1844

Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image.

Published: November 16, 2010; 05:00:15 PM -05:00
    V2: 7.1 HIGH
CVE-2010-1843

Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet.

Published: November 16, 2010; 05:00:02 PM -05:00
    V2: 7.8 HIGH
CVE-2010-1842

Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a bidirectional text string with ellipsis truncation.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 9.3 HIGH
CVE-2010-1841

Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 9.3 HIGH
CVE-2010-1840

Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 7.5 HIGH
CVE-2010-1838

Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors associated with disabled mobile accounts, which allows remote attackers to bypass authentication by providing a valid account name.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 4.4 MEDIUM
CVE-2010-1837

CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1836

Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1834

CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 5.8 MEDIUM
CVE-2010-1833

Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a document.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1832

Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a crafted embedded font in a document.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1831

Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-1830

AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 5.0 MEDIUM
CVE-2010-1829

Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share.

Published: November 15, 2010; 06:00:04 PM -05:00
    V2: 6.0 MEDIUM