Mac Os X Server Security Vulnerabilities and Issues — Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

11 matches found

CVE•added 2009/09/14 4:30 p.m.•84 views

CVE-2009-2813

Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote aut...

6CVSS7AI score0.00366EPSS

CVE•added 2009/09/09 10:30 p.m.•61 views

CVE-2009-2205

Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

6.8CVSS8.3AI score0.00837EPSS

CVE•added 2009/09/14 4:30 p.m.•57 views

CVE-2009-2803

CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork.

6.8CVSS7.7AI score0.0089EPSS

CVE•added 2009/09/14 4:30 p.m.•57 views

CVE-2009-2804

Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow.

6.8CVSS7.9AI score0.09194EPSS

CVE•added 2009/09/14 4:30 p.m.•56 views

CVE-2009-2809

ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues."

6.8CVSS7.8AI score0.02414EPSS

CVE•added 2009/09/14 4:30 p.m.•52 views

CVE-2009-2811

Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature.

6.8CVSS7.4AI score0.02518EPSS

CVE•added 2009/09/11 6:30 p.m.•49 views

CVE-2009-2800

Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file.

6.8CVSS7.5AI score0.00963EPSS

CVE•added 2009/09/14 4:30 p.m.•47 views

CVE-2009-2812

Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site.

6.8CVSS7.3AI score0.01744EPSS

CVE•added 2009/09/14 4:30 p.m.•45 views

CVE-2009-2805

Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow.

6.8CVSS7.9AI score0.02424EPSS

CVE•added 2009/09/14 4:30 p.m.•41 views

CVE-2009-2807

Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.

7.2CVSS7AI score0.00069EPSS

CVE•added 2009/09/14 4:30 p.m.•39 views

CVE-2009-2814

Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding.

4.3CVSS6.3AI score0.00499EPSS