Filtered by vendor Apple
Subscriptions
Total
11929 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-1440 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links. | ||||
CVE-2006-1439 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events. | ||||
CVE-2006-1249 | 1 Apple | 2 Itunes, Quicktime | 2024-11-21 | N/A |
Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. | ||||
CVE-2006-1220 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow. | ||||
CVE-2006-0848 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. | ||||
CVE-2006-0401 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. | ||||
CVE-2006-0400 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." | ||||
CVE-2006-0399 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | ||||
CVE-2006-0398 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | ||||
CVE-2006-0397 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | ||||
CVE-2006-0396 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment. | ||||
CVE-2006-0395 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types. | ||||
CVE-2006-0393 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine account existence by attempting to log in using an invalid user, which causes the server to hang. | ||||
CVE-2006-0392 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image. | ||||
CVE-2006-0391 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper. | ||||
CVE-2006-0389 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. | ||||
CVE-2006-0388 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. | ||||
CVE-2006-0387 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | ||||
CVE-2006-0386 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. | ||||
CVE-2006-0384 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". |