Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X Server
Subscriptions
Total
817 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-0999 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference. | ||||
CVE-2008-1000 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments. | ||||
CVE-2008-0997 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is not properly handled when querying a network printer. | ||||
CVE-2008-0988 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read. | ||||
CVE-2008-0990 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have originated from the kernel, which allows local users to cause a denial of service via spoofed death notifications that prevent other applications from receiving notifications. | ||||
CVE-2008-0995 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods. | ||||
CVE-2008-0992 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value. | ||||
CVE-2008-0994 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. | ||||
CVE-2008-0993 | 1 Apple | 3 Mac Os X, Mac Os X Server, Podcast Producer | 2024-08-07 | N/A |
Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings. | ||||
CVE-2008-0989 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname. | ||||
CVE-2008-0987 | 1 Apple | 4 Aperture, Iphoto, Mac Os X and 1 more | 2024-08-07 | N/A |
Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image. | ||||
CVE-2008-0599 | 4 Apple, Canonical, Fedoraproject and 1 more | 5 Mac Os X, Mac Os X Server, Ubuntu Linux and 2 more | 2024-08-07 | 9.8 Critical |
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. | ||||
CVE-2008-0051 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data. | ||||
CVE-2008-0047 | 3 Apple, Cups, Redhat | 4 Mac Os X, Mac Os X Server, Cups and 1 more | 2024-08-07 | N/A |
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | ||||
CVE-2008-0059 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic." | ||||
CVE-2008-0050 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error. | ||||
CVE-2008-0060 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link. | ||||
CVE-2008-0056 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager. | ||||
CVE-2008-0054 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used. | ||||
CVE-2008-0063 | 8 Apple, Canonical, Debian and 5 more | 13 Mac Os X, Mac Os X Server, Ubuntu Linux and 10 more | 2024-08-07 | 7.5 High |
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." |