Mac Os X Server Security Vulnerabilities and Issues — Page 2 of Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

62 matches found

CVE•added 2011/10/14 10:55 a.m.•42 views

CVE-2011-3228

QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.

6.8CVSS8.7AI score0.01383EPSS

CVE•added 2011/03/23 2:0 a.m.•41 views

CVE-2011-0179

CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font.

6.8CVSS6.8AI score0.01178EPSS

CVE•added 2011/06/24 8:55 p.m.•41 views

CVE-2011-0205

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

6.8CVSS6.6AI score0.06115EPSS

CVE•added 2011/10/14 10:55 a.m.•41 views

CVE-2011-0231

CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."

5CVSS7.8AI score0.00291EPSS

CVE•added 2011/03/23 2:0 a.m.•40 views

CVE-2011-0172

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162.

4.9CVSS5.7AI score0.01975EPSS

CVE•added 2011/06/24 8:55 p.m.•40 views

CVE-2011-0198

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

6.8CVSS6.4AI score0.11351EPSS

CVE•added 2011/10/14 10:55 a.m.•40 views

CVE-2011-0229

Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

6.8CVSS8.3AI score0.01825EPSS

CVE•added 2011/10/14 10:55 a.m.•40 views

CVE-2011-3227

libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-m...

6.8CVSS8.5AI score0.0063EPSS

CVE•added 2011/06/24 8:55 p.m.•39 views

CVE-2011-0199

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate.

5.9CVSS4.9AI score0.00173EPSS

CVE•added 2011/06/24 8:55 p.m.•39 views

CVE-2011-0203

Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing.

5CVSS5.2AI score0.0017EPSS

CVE•added 2011/01/10 8:0 p.m.•38 views

CVE-2010-4013

Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to interaction between Software Update and distribution scripts.

6.8CVSS7.4AI score0.00717EPSS

CVE•added 2011/10/14 10:55 a.m.•36 views

CVE-2011-3216

The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.

2.1CVSS7.5AI score0.00058EPSS

Total number of security vulnerabilities62