Lucene search

K
AppleMac Os X Server10.3.9

20 matches found

CVE
CVE
added 2007/06/27 5:30 p.m.76 views

CVE-2007-1863

cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or...

5CVSS6.2AI score0.34512EPSS
CVE
CVE
added 2007/03/13 10:19 p.m.55 views

CVE-2007-0722

Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image.

6.8CVSS8AI score0.09583EPSS
CVE
CVE
added 2007/03/13 9:19 p.m.51 views

CVE-2007-0719

Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile.

6.8CVSS8.1AI score0.13074EPSS
CVE
CVE
added 2007/03/13 10:19 p.m.48 views

CVE-2007-0726

The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were base...

5CVSS7.4AI score0.01123EPSS
CVE
CVE
added 2007/03/13 10:19 p.m.48 views

CVE-2007-0728

Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.

4.4CVSS7.3AI score0.00076EPSS
CVE
CVE
added 2007/11/15 1:46 a.m.48 views

CVE-2007-4691

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.

10CVSS6.9AI score0.00524EPSS
CVE
CVE
added 2007/04/24 5:19 p.m.47 views

CVE-2007-0735

Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly...

9.3CVSS7.9AI score0.01481EPSS
CVE
CVE
added 2007/03/13 10:19 p.m.46 views

CVE-2007-0721

Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption.

6.8CVSS7.9AI score0.02355EPSS
CVE
CVE
added 2007/04/24 4:19 p.m.46 views

CVE-2007-0729

Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.

7.2CVSS6.1AI score0.00083EPSS
CVE
CVE
added 2007/06/25 7:30 p.m.46 views

CVE-2007-2401

CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializing headers via the setRequestHeader function. NO...

4.3CVSS5.6AI score0.04116EPSS
CVE
CVE
added 2007/04/24 5:19 p.m.45 views

CVE-2007-0746

Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference".

10CVSS7.7AI score0.35054EPSS
CVE
CVE
added 2007/05/24 10:30 p.m.44 views

CVE-2007-0753

Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.

7.2CVSS7.4AI score0.00412EPSS
CVE
CVE
added 2007/05/24 10:30 p.m.42 views

CVE-2007-0751

A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.

2.1CVSS7.1AI score0.00073EPSS
CVE
CVE
added 2007/03/13 10:19 p.m.41 views

CVE-2007-0723

Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.

8.5CVSS7.4AI score0.02179EPSS
CVE
CVE
added 2007/04/24 5:19 p.m.41 views

CVE-2007-0744

SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.

7.2CVSS6.1AI score0.00066EPSS
CVE
CVE
added 2007/06/25 7:30 p.m.41 views

CVE-2007-2399

WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.

9.3CVSS7.4AI score0.1525EPSS
CVE
CVE
added 2007/08/03 10:17 a.m.41 views

CVE-2007-2404

CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. NOTE: this can be leveraged for cross-site scripting (XSS...

5CVSS5.7AI score0.00516EPSS
CVE
CVE
added 2007/04/24 4:19 p.m.39 views

CVE-2007-0725

Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands."

7.2CVSS7.2AI score0.00085EPSS
CVE
CVE
added 2007/04/24 5:19 p.m.39 views

CVE-2007-0736

Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.

9.3CVSS7.6AI score0.18668EPSS
CVE
CVE
added 2007/04/24 5:19 p.m.34 views

CVE-2007-0747

load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.

7.2CVSS6AI score0.00083EPSS