Mac Os X@* Security Vulnerabilities and Issues — Mac Os X@* CVE List

Lucene search

AppleMac Os X*

10 matches found

CVE•added 2007/07/16 10:30 p.m.•85 views

CVE-2007-3798

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

9.8CVSS9.8AI score0.74399EPSS

CVE•added 2007/03/13 9:19 p.m.•74 views

CVE-2007-0720

The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.

5CVSS8.4AI score0.21696EPSS

CVE•added 2007/11/15 1:46 a.m.•53 views

CVE-2007-4682

CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer.

6.8CVSS7.6AI score0.02778EPSS

CVE•added 2007/11/15 1:46 a.m.•47 views

CVE-2007-3749

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to the address space of t...

7.8CVSS7.4AI score0.00147EPSS

CVE•added 2007/06/12 9:30 p.m.•45 views

CVE-2007-3184

Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture va...

7.2CVSS6AI score0.00075EPSS

CVE•added 2007/11/15 1:46 a.m.•41 views

CVE-2007-4268

Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value, w...

7.8CVSS7.3AI score0.00748EPSS

CVE•added 2007/01/23 2:28 a.m.•40 views

CVE-2007-0430

The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value.

4.9CVSS5.7AI score0.00147EPSS

CVE•added 2007/11/15 1:46 a.m.•38 views

CVE-2007-4679

CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.

2.6CVSS7AI score0.0071EPSS

CVE•added 2007/01/08 8:0 p.m.•37 views

CVE-2006-6906

Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900.

7.2CVSS6.3AI score0.00334EPSS

CVE•added 2007/04/24 5:19 p.m.•36 views

CVE-2007-0742

The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information.

7.8CVSS5.9AI score0.0049EPSS