Mac Os X@10.4.8 Security Vulnerabilities and Issues — Mac Os X@10.4.8 CVE List

Lucene search

AppleMac Os X10.4.8

16 matches found

CVE•added 2006/11/30 4:28 p.m.•52 views

CVE-2006-4408

The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a denial of service (resource consumption) via certain public key values in an X.509 certificate that requires extra resources during signature verification. NOTE: this issue may be similar to CVE-2006-294...

5CVSS8.8AI score0.16493EPSS

CVE•added 2006/12/20 2:28 a.m.•47 views

CVE-2006-6652

Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results f...

9CVSS7.2AI score0.32534EPSS

CVE•added 2006/11/27 12:7 a.m.•45 views

CVE-2006-6129

Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.

4.6CVSS7.8AI score0.00614EPSS

CVE•added 2006/11/04 1:7 a.m.•44 views

CVE-2006-5710

The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which tri...

7.5CVSS7.3AI score0.33039EPSS

CVE•added 2006/12/07 1:28 a.m.•44 views

CVE-2006-6353

Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as di...

5CVSS7.2AI score0.00458EPSS

CVE•added 2006/12/20 2:28 a.m.•43 views

CVE-2006-5681

QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.

2.6CVSS6.2AI score0.00627EPSS

CVE•added 2006/11/22 1:7 a.m.•42 views

CVE-2006-6062

Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.

5.1CVSS7.4AI score0.18874EPSS

CVE•added 2006/11/30 4:28 p.m.•41 views

CVE-2006-4412

WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects.

6.8CVSS7.1AI score0.10699EPSS

CVE•added 2006/11/22 1:7 a.m.•41 views

CVE-2006-6061

com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is l...

9.3CVSS8.1AI score0.37594EPSS

CVE•added 2006/11/30 4:28 p.m.•39 views

CVE-2006-4406

Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.

7.5CVSS7.6AI score0.21031EPSS

CVE•added 2006/11/27 12:7 a.m.•38 views

CVE-2006-6127

Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.

2.1CVSS6.7AI score0.00516EPSS

CVE•added 2006/11/30 4:28 p.m.•36 views

CVE-2006-4398

Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests.

7.2CVSS7.1AI score0.00096EPSS

CVE•added 2006/12/05 11:28 a.m.•36 views

CVE-2006-6292

Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames.

5.7CVSS6.5AI score0.00927EPSS

CVE•added 2006/11/30 4:28 p.m.•35 views

CVE-2006-4411

The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors.

7.2CVSS6AI score0.00048EPSS

CVE•added 2006/11/30 4:28 p.m.•34 views

CVE-2006-4409

The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.

5CVSS6.2AI score0.00707EPSS

CVE•added 2006/11/27 12:7 a.m.•34 views

CVE-2006-6126

Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.

2.1CVSS6.1AI score0.00086EPSS