Mac Os X@10.5 Security Vulnerabilities and Issues — Mac Os X@10.5 CVE List

Lucene search

AppleMac Os X10.5

9 matches found

CVE•added 2007/11/29 1:46 a.m.•64 views

CVE-2007-6165

Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a ...

9.3CVSS9.3AI score0.64008EPSS

CVE•added 2007/12/07 11:46 a.m.•50 views

CVE-2007-6276

The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.

7.8CVSS6.1AI score0.13999EPSS

CVE•added 2007/11/07 11:46 p.m.•48 views

CVE-2007-4675

Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama sample atom.

9.3CVSS7.6AI score0.51979EPSS

CVE•added 2007/11/07 11:46 p.m.•48 views

CVE-2007-4676

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.

9.3CVSS7.7AI score0.69709EPSS

CVE•added 2007/11/07 11:46 p.m.•47 views

CVE-2007-4677

Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values.

9.3CVSS7.7AI score0.7EPSS

CVE•added 2007/11/07 11:46 p.m.•44 views

CVE-2007-3751

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.

9.3CVSS7.6AI score0.16668EPSS

CVE•added 2007/11/15 8:46 p.m.•44 views

CVE-2007-4704

The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictions.

10CVSS6AI score0.00806EPSS

CVE•added 2007/11/15 8:46 p.m.•41 views

CVE-2007-4703

The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions.

10CVSS6.1AI score0.00664EPSS

CVE•added 2007/11/15 8:46 p.m.•40 views

CVE-2007-4702

The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions.

9.3CVSS6.1AI score0.00665EPSS