Vulnerabilities > Apple > MAC OS X Server > 10.4.10

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2007-08-03 | CVE-2007-3745 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code. | network, apple, 6.8 |
| 2007-08-03 | CVE-2007-3744 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server | Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet. | low complexity, apple CWE-119, 5.8 |
| 2007-08-03 | CVE-2007-2410 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks. | network, apple, 4.3 |
| 2007-08-03 | CVE-2007-2409 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window. | network, apple, 4.3 |
| 2007-08-03 | CVE-2007-2407 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. | network, low complexity, apple samba, 4.0 |
| 2007-08-03 | CVE-2007-2406 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. | network, apple, 6.8 |
| 2007-08-03 | CVE-2007-2405 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allows remote attackers to execute arbitrary code via a crafted PDF file. | network, apple, 6.8 |
| 2007-08-03 | CVE-2007-2404 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. | network, low complexity, apple, 5.0 |
| 2007-08-03 | CVE-2007-2403 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. | network, apple, 6.8 |
| 2007-07-16 | CVE-2007-3798 | Unchecked Return Value vulnerability in multiple products | Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | network, low complexity, tcpdump canonical debian slackware freebsd apple CWE-252, critical, 9.8 |