CVE-2016-1731

The CVE-2016-1731 vulnerability affects Apple Software Update on Windows versions prior to 2.2. The issue arises because the update contents are retrieved over HTTP instead of HTTPS, enabling a man-in-the-middle to modify the data stream and spoof updates. Public sources in the provided documents...

CVE-2007-0463

CVE-2007-0463 describes a format-string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8. The flaw allows remote attackers to trigger a denial of service (app crash) or execute arbitrary code via format string specifiers in (1) SWUTMP, (2) SUCATALOG filenames, or the (3) applicatio...