Filtered by vendor Apple Subscriptions
Filtered by product Mac Os X Server Subscriptions
Total 817 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-0725 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands."
CVE-2007-0724 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
CVE-2007-0723 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.
CVE-2007-0722 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image.
CVE-2007-0721 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption.
CVE-2007-0719 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile.
CVE-2007-0229 2 Apple, Freebsd 3 Mac Os X, Mac Os X Server, Freebsd 2024-11-21 N/A
Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.
CVE-2007-0117 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation.
CVE-2006-6353 1 Apple 3 Bomarchivehelper, Mac Os X, Mac Os X Server 2024-11-21 N/A
Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer".
CVE-2006-6129 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
CVE-2006-6127 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.
CVE-2006-6126 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
CVE-2006-6062 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.
CVE-2006-6061 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address.
CVE-2006-5681 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.
CVE-2006-5051 4 Apple, Debian, Openbsd and 1 more 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more 2024-11-21 8.1 High
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
CVE-2006-4866 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
CVE-2006-4095 3 Apple, Canonical, Isc 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more 2024-11-21 7.5 High
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
CVE-2006-3509 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.
CVE-2006-3508 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.