Vulnerabilities > Apple > MAC OS X Server > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-15 | CVE-2007-4690 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet. | 9.0 |
2007-11-15 | CVE-2007-4691 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs. | 10.0 |
2007-07-16 | CVE-2007-3798 | Unchecked Return Value vulnerability in multiple products Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | 9.8 |
2007-06-25 | CVE-2007-2399 | Unspecified vulnerability in Apple mac OS X and mac OS X Server WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption. | 9.3 |
2007-05-24 | CVE-2007-0750 | Multiple Security vulnerability in Apple Mac OS X 2007-005 Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file. | 9.3 |
2007-05-13 | CVE-2007-0748 | Remote Buffer Overflow vulnerability in Apple Darwin Streaming Server Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request. | 10.0 |
2007-05-13 | CVE-2007-0749 | Remote Buffer Overflow vulnerability in Apple Darwin Streaming Server Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request. | 10.0 |
2007-04-24 | CVE-2007-0735 | Multiple Security vulnerability in Apple Mac OS X 2007-004 Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory. | 9.3 |
2007-04-24 | CVE-2007-0736 | Multiple Security vulnerability in Apple Mac OS X 2007-004 Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. | 9.3 |
2007-04-24 | CVE-2007-0746 | Multiple Security vulnerability in Apple Mac OS X 2007-004 Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference". | 10.0 |