Mac Os X Server Security Vulnerabilities and Issues — Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

18 matches found

CVE•added 2011/03/23 2:0 a.m.•61 views

CVE-2011-0173

Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an Appl...

6.8CVSS6.8AI score0.00659EPSS

CVE•added 2011/03/23 2:0 a.m.•58 views

CVE-2011-0182

The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.

7.2CVSS5.5AI score0.0039EPSS

CVE•added 2011/03/23 2:0 a.m.•57 views

CVE-2011-0175

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font.

6.8CVSS6.4AI score0.01577EPSS

CVE•added 2011/03/23 2:0 a.m.•57 views

CVE-2011-0178

The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory.

2.1CVSS5.2AI score0.00049EPSS

CVE•added 2011/03/11 5:55 p.m.•53 views

CVE-2011-1417

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a c...

6.8CVSS6.3AI score0.04317EPSS

CVE•added 2011/03/23 2:0 a.m.•51 views

CVE-2011-0189

The default configuration of Terminal in Apple Mac OS X 10.6 before 10.6.7 uses SSH protocol version 1 within the New Remote Connection dialog, which might make it easier for man-in-the-middle attackers to spoof SSH servers by leveraging protocol vulnerabilities.

5CVSS5.7AI score0.00222EPSS

CVE•added 2011/03/23 2:0 a.m.•50 views

CVE-2011-0190

Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server.

4.3CVSS5.7AI score0.00229EPSS

CVE•added 2011/03/23 2:0 a.m.•46 views

CVE-2011-0174

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code via a document that contains a crafted embedded OpenType font.

6.8CVSS6.5AI score0.01477EPSS

CVE•added 2011/03/23 2:0 a.m.•46 views

CVE-2011-0180

Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call.

2.1CVSS5.6AI score0.00089EPSS

CVE•added 2011/03/23 2:0 a.m.•45 views

CVE-2011-0183

Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue."

5CVSS4.8AI score0.00699EPSS

CVE•added 2011/03/23 2:0 a.m.•44 views

CVE-2011-0176

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font.

6.8CVSS6.4AI score0.01577EPSS

CVE•added 2011/03/23 2:0 a.m.•44 views

CVE-2011-0181

Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.

6.8CVSS6.2AI score0.12356EPSS

CVE•added 2011/03/23 2:0 a.m.•44 views

CVE-2011-0193

Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.

6.8CVSS6.7AI score0.01162EPSS

CVE•added 2011/03/23 2:0 a.m.•43 views

CVE-2011-0177

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font.

6.8CVSS6.4AI score0.01477EPSS

CVE•added 2011/03/23 2:0 a.m.•43 views

CVE-2011-0184

QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an Excel spreadsheet with a crafted formula that uses unspecified opcodes.

6.8CVSS6.9AI score0.02428EPSS

CVE•added 2011/03/23 2:0 a.m.•43 views

CVE-2011-0194

Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

6.8CVSS6.7AI score0.01097EPSS

CVE•added 2011/03/23 2:0 a.m.•41 views

CVE-2011-0179

CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font.

6.8CVSS6.8AI score0.01178EPSS

CVE•added 2011/03/23 2:0 a.m.•40 views

CVE-2011-0172

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162.

4.9CVSS5.7AI score0.01975EPSS