Vulnerabilities > Apple > MAC OS X Server > High

DATE CVE VULNERABILITY TITLE RISK
2009-02-13 CVE-2009-0020 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption.
network
low complexity
apple CWE-399
7.8
2009-02-13 CVE-2009-0019 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access.
network
low complexity
apple CWE-119
7.5
2009-02-13 CVE-2009-0018 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory.
network
low complexity
apple CWE-119
7.8
2009-02-13 CVE-2009-0017 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow.
local
low complexity
apple CWE-119
7.2
2009-02-13 CVE-2009-0011 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server
Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file.
local
low complexity
apple CWE-264
7.2
2008-12-17 CVE-2008-4236 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted embedded font in a PDF file.
network
apple CWE-399
7.1
2008-12-17 CVE-2008-4224 Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server
UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.
network
apple CWE-20
7.1
2008-12-17 CVE-2008-4222 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet.
network
apple CWE-399
7.1
2008-12-17 CVE-2008-4218 Numeric Errors vulnerability in Apple mac OS X and mac OS X Server
Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt.
local
low complexity
apple CWE-189
7.2
2008-11-21 CVE-2008-5183 NULL Pointer Dereference vulnerability in multiple products
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference.
network
low complexity
apple opensuse debian CWE-476
7.5