Vulnerabilities > Apple > MAC OS X Server > 10.4.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-13 | CVE-2007-0722 | Applications Multiple vulnerability in Apple Mac OS X Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image. network apple | 6.8 |
2007-03-13 | CVE-2007-0721 | Applications Multiple vulnerability in Apple Mac OS X Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption. network apple | 6.8 |
2007-03-13 | CVE-2007-0719 | Applications Multiple vulnerability in Apple Mac OS X Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile. network apple | 6.8 |
2007-02-22 | CVE-2007-1071 | Integer Overflow vulnerability in Apple Mac OS X ImageIO GIF Image Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. | 7.8 |
2007-02-16 | CVE-2007-0897 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. | 7.5 |
2007-01-13 | CVE-2007-0229 | Numeric Errors vulnerability in multiple products Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. | 7.2 |
2007-01-09 | CVE-2007-0117 | Local Privilege Escalation vulnerability in Apple DiskManagement Framework BOM DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation. | 10.0 |
2006-12-20 | CVE-2006-5681 | Information Disclosure vulnerability in Apple Mac OS X Quicktime For Java QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects. | 2.6 |
2006-12-07 | CVE-2006-6353 | Remote Archive File vulnerability in Apple BOMArchiveHelper Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer". | 5.0 |
2006-11-27 | CVE-2006-6129 | Integer Overflow vulnerability in Apple Mac OS X Mach-O Binary Loading Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption. | 4.6 |