Mac Os X@10.7.1 Security Vulnerabilities and Issues — Page 2 of Mac Os X@10.7.1 CVE List

Lucene search

AppleMac Os X10.7.1

61 matches found

CVE•added 2014/07/01 10:17 a.m.•42 views

CVE-2014-1371

Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message.

7.5CVSS7.6AI score0.00788EPSS

CVE•added 2012/02/02 6:55 p.m.•41 views

CVE-2011-3447

CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL.

4.3CVSS5.5AI score0.0038EPSS

CVE•added 2012/05/11 3:49 a.m.•41 views

CVE-2012-0662

Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.

7.5CVSS8.9AI score0.01739EPSS

CVE•added 2012/09/20 9:55 p.m.•41 views

CVE-2012-3716

CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph.

7.5CVSS7.6AI score0.15261EPSS

CVE•added 2014/11/18 11:59 a.m.•41 views

CVE-2014-4458

The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.

5CVSS5.5AI score0.0056EPSS

CVE•added 2012/02/02 6:55 p.m.•40 views

CVE-2011-3450

CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL.

6.8CVSS6.9AI score0.00867EPSS

CVE•added 2012/02/02 6:55 p.m.•39 views

CVE-2011-3452

Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network.

4.3CVSS5.7AI score0.0038EPSS

CVE•added 2012/05/11 3:49 a.m.•39 views

CVE-2012-0656

Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is enabled, allows physically proximate attackers to login to arbitrary accounts by entering the account name and no password.

6.9CVSS7.8AI score0.00039EPSS

CVE•added 2012/09/20 9:55 p.m.•38 views

CVE-2012-3718

Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.

2.1CVSS5.8AI score0.00061EPSS

CVE•added 2012/09/20 9:55 p.m.•36 views

CVE-2012-3720

Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 saves password hashes for external-account use even if external accounts are not enabled, which might allow remote attackers to determine passwords via unspecified access to a mobile account.

4.3CVSS6.4AI score0.00236EPSS

CVE•added 2012/02/02 6:55 p.m.•34 views

CVE-2011-3449

Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document.

6.8CVSS6.8AI score0.00872EPSS

Total number of security vulnerabilities61