Mac Os X Server Security Vulnerabilities and Issues — Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

11 matches found

CVE•added 2012/05/11 3:49 a.m.•125 views

CVE-2012-0659

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

6.8CVSS8.5AI score0.01774EPSS

CVE•added 2012/05/11 3:49 a.m.•48 views

CVE-2012-0657

Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors.

2.1CVSS7.7AI score0.00075EPSS

CVE•added 2012/05/11 3:49 a.m.•47 views

CVE-2012-0654

libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate.

6.8CVSS8.5AI score0.00562EPSS

CVE•added 2012/05/11 3:49 a.m.•46 views

CVE-2012-0655

libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site that...

6.4CVSS7.8AI score0.00227EPSS

CVE•added 2012/05/11 3:49 a.m.•46 views

CVE-2012-0658

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded.

6.8CVSS8.7AI score0.01482EPSS

CVE•added 2012/05/11 3:49 a.m.•46 views

CVE-2012-0660

Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

6.8CVSS8.4AI score0.01774EPSS

CVE•added 2012/05/11 3:49 a.m.•45 views

CVE-2012-0675

Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.

4.3CVSS7.7AI score0.00314EPSS

CVE•added 2012/05/11 3:49 a.m.•44 views

CVE-2012-0649

Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file.

6.9CVSS7.3AI score0.00035EPSS

CVE•added 2012/05/11 3:49 a.m.•43 views

CVE-2012-0661

Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.

6.8CVSS8.4AI score0.01993EPSS

CVE•added 2012/05/11 3:49 a.m.•42 views

CVE-2012-0651

The directory server in Directory Service in Apple Mac OS X 10.6.8 allows remote attackers to obtain sensitive information from process memory via a crafted message.

5CVSS7.2AI score0.00493EPSS

CVE•added 2012/05/11 3:49 a.m.•41 views

CVE-2012-0662

Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.

7.5CVSS8.9AI score0.01739EPSS