Vulnerabilities > Apple > MAC OS X Server > 10.0.0

DATE CVE VULNERABILITY TITLE RISK
2008-12-17 CVE-2008-4222 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet.
network
apple CWE-399
7.1
7.1
2008-12-17 CVE-2008-4221 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string, related to improper memory allocation.
network
low complexity
apple CWE-399
critical
 10.0
10
2008-12-17 CVE-2008-4220 Numeric Errors vulnerability in Apple mac OS X and mac OS X Server
Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
network
low complexity
apple CWE-189
critical
 10.0
10
2008-12-17 CVE-2008-4219 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application.
local
low complexity
apple CWE-399
4.9
4.9
2008-12-17 CVE-2008-4218 Numeric Errors vulnerability in Apple mac OS X and mac OS X Server
Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt.
local
low complexity
apple CWE-189
7.2
7.2
2008-12-17 CVE-2008-4217 Numeric Errors vulnerability in Apple mac OS X and mac OS X Server
Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow.
network
apple CWE-189
critical
 9.3
9.3
2008-11-21 CVE-2008-5183 NULL Pointer Dereference vulnerability in multiple products
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference.
network
low complexity
apple opensuse debian CWE-476
7.5
7.5
2008-07-01 CVE-2008-2310 USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server
Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.
network
apple CWE-134
6.8
6.8
2008-06-02 CVE-2008-1573 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read.
network
apple CWE-119
7.1
7.1
2008-05-05 CVE-2008-0599 Incorrect Calculation of Buffer Size vulnerability in multiple products
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
network
low complexity
php fedoraproject canonical apple CWE-131
critical
 9.8
9.8