Vulnerabilities > Apple > MAC OS X Server > 10.4.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-03 | CVE-2007-3745 | Multiple Security vulnerability in Apple Mac OS X 2007-007 The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code. network apple | 6.8 |
2007-08-03 | CVE-2007-3744 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet. | 5.8 |
2007-08-03 | CVE-2007-2410 | Multiple Security vulnerability in Apple Mac OS X 2007-007 WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks. network apple | 4.3 |
2007-08-03 | CVE-2007-2409 | Multiple Security vulnerability in Apple Mac OS X 2007-007 Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window. network apple | 4.3 |
2007-08-03 | CVE-2007-2407 | Multiple Security vulnerability in Apple Mac OS X 2007-007 The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. | 4.0 |
2007-08-03 | CVE-2007-2406 | Multiple Security vulnerability in Apple Mac OS X 2007-007 Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. network apple | 6.8 |
2007-08-03 | CVE-2007-2405 | Multiple Security vulnerability in Apple Mac OS X 2007-007 Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allows remote attackers to execute arbitrary code via a crafted PDF file. network apple | 6.8 |
2007-08-03 | CVE-2007-2404 | Multiple Security vulnerability in Apple Mac OS X 2007-007 CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. | 5.0 |
2007-08-03 | CVE-2007-2403 | Multiple Security vulnerability in Apple Mac OS X 2007-007 CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. network apple | 6.8 |
2007-07-16 | CVE-2007-3798 | Unchecked Return Value vulnerability in multiple products Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | 9.8 |