Mac Os X Server@10.4.7 Security Vulnerabilities and Issues — Mac Os X Server@10.4.7 CVE List

Lucene search

AppleMac Os X Server10.4.7

19 matches found

CVE•added 2006/08/03 1:4 a.m.•55 views

CVE-2006-3505

WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated.

7.5CVSS7.3AI score0.02435EPSS

CVE•added 2006/08/03 1:4 a.m.•50 views

CVE-2006-3503

Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image.

5.1CVSS7.4AI score0.01052EPSS

CVE•added 2006/08/03 1:4 a.m.•49 views

CVE-2006-0393

OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine account existence by attempting to log in using an invalid user, which causes the server to hang.

4CVSS6.3AI score0.00755EPSS

CVE•added 2006/08/03 1:4 a.m.•47 views

CVE-2006-3502

Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.

5.1CVSS7.2AI score0.00776EPSS

CVE•added 2006/08/02 4:4 p.m.•45 views

CVE-2006-3495

AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users.

2.1CVSS5.8AI score0.00072EPSS

CVE•added 2006/08/02 4:4 p.m.•44 views

CVE-2006-3497

Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.

5.1CVSS7.3AI score0.014EPSS

CVE•added 2006/09/21 9:7 p.m.•44 views

CVE-2006-3509

Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.

7.2CVSS7.5AI score0.0015EPSS

CVE•added 2006/08/02 4:4 p.m.•43 views

CVE-2006-3498

Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request.

10CVSS7.7AI score0.09175EPSS

CVE•added 2006/12/20 2:28 a.m.•43 views

CVE-2006-5681

QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.

2.6CVSS6.2AI score0.00627EPSS

CVE•added 2006/08/02 4:4 p.m.•42 views

CVE-2006-1473

Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors.

5CVSS7.7AI score0.07916EPSS

CVE•added 2006/08/03 1:4 a.m.•42 views

CVE-2006-3501

Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image.

5.1CVSS7.6AI score0.01052EPSS

CVE•added 2006/08/03 1:4 a.m.•42 views

CVE-2006-3504

The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.

5.1CVSS6.3AI score0.00421EPSS

CVE•added 2006/09/21 9:7 p.m.•41 views

CVE-2006-3507

Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network.

7.2CVSS7.3AI score0.00976EPSS

CVE•added 2006/08/03 1:4 a.m.•40 views

CVE-2006-0392

Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image.

5.1CVSS7.4AI score0.00747EPSS

CVE•added 2006/08/02 4:4 p.m.•40 views

CVE-2006-3496

AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition.

5CVSS6.2AI score0.01903EPSS

CVE•added 2006/08/03 1:4 a.m.•40 views

CVE-2006-3500

The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability.

7.2CVSS7AI score0.00066EPSS

CVE•added 2006/09/21 9:7 p.m.•39 views

CVE-2006-3508

Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.

7.2CVSS7.7AI score0.00195EPSS

CVE•added 2006/09/19 7:7 p.m.•38 views

CVE-2006-4866

Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.

4.6CVSS7.6AI score0.00642EPSS

CVE•added 2006/08/21 7:4 p.m.•35 views

CVE-2006-3506

Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name."

4.6CVSS7.5AI score0.00176EPSS