Mac Os X@10.6.6 Security Vulnerabilities and Issues — Page 2 of Mac Os X@10.6.6 CVE List

Lucene search

AppleMac Os X10.6.6

61 matches found

CVE•added 2011/06/24 8:55 p.m.•41 views

CVE-2011-0205

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

6.8CVSS6.6AI score0.06115EPSS

CVE•added 2011/10/14 10:55 a.m.•41 views

CVE-2011-0231

CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."

5CVSS7.8AI score0.00291EPSS

CVE•added 2012/05/11 3:49 a.m.•41 views

CVE-2012-0662

Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.

7.5CVSS8.9AI score0.01739EPSS

CVE•added 2014/11/18 11:59 a.m.•41 views

CVE-2014-4458

The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.

5CVSS5.5AI score0.0056EPSS

CVE•added 2011/03/23 2:0 a.m.•40 views

CVE-2011-0172

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162.

4.9CVSS5.7AI score0.01975EPSS

CVE•added 2011/06/24 8:55 p.m.•40 views

CVE-2011-0198

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

6.8CVSS6.4AI score0.11351EPSS

CVE•added 2011/10/14 10:55 a.m.•40 views

CVE-2011-0229

Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

6.8CVSS8.3AI score0.01825EPSS

CVE•added 2011/10/14 10:55 a.m.•40 views

CVE-2011-3227

libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-m...

6.8CVSS8.5AI score0.0063EPSS

CVE•added 2012/09/20 9:55 p.m.•38 views

CVE-2012-3718

Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.

2.1CVSS5.8AI score0.00061EPSS

CVE•added 2011/10/14 10:55 a.m.•36 views

CVE-2011-3216

The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.

2.1CVSS7.5AI score0.00058EPSS

CVE•added 2012/09/20 9:55 p.m.•36 views

CVE-2012-3720

Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 saves password hashes for external-account use even if external accounts are not enabled, which might allow remote attackers to determine passwords via unspecified access to a mobile account.

4.3CVSS6.4AI score0.00236EPSS

Total number of security vulnerabilities61