Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5567 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-1452 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | ||||
CVE-2006-1471 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file. | ||||
CVE-2006-1466 | 1 Apple | 2 Mac Os X, Xcode | 2024-08-07 | N/A |
Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service. | ||||
CVE-2006-1472 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results. | ||||
CVE-2006-1468 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information. | ||||
CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | ||||
CVE-2006-1456 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | ||||
CVE-2006-1449 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. | ||||
CVE-2006-1448 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme. | ||||
CVE-2006-1443 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions. | ||||
CVE-2006-1457 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | ||||
CVE-2006-1473 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors. | ||||
CVE-2006-1455 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | ||||
CVE-2006-1469 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. | ||||
CVE-2006-1439 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events. | ||||
CVE-2006-1440 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links. | ||||
CVE-2006-1447 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file. | ||||
CVE-2006-1442 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle. | ||||
CVE-2006-1450 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | ||||
CVE-2006-1441 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding. |