Vulnerabilities > Apple > MAC OS X > 10.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-30 | CVE-2006-4401 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI. | 5.1 |
2006-11-30 | CVE-2006-4400 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files. | 5.1 |
2006-11-30 | CVE-2006-4396 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack. | 4.6 |
2006-09-27 | CVE-2006-5051 | Double Free vulnerability in multiple products Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | 8.1 |
2006-09-19 | CVE-2006-4887 | Remote Desktop Local Authentication Bypass vulnerability in Apple Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. | 7.2 |
2006-09-19 | CVE-2006-4866 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | 4.6 |
2006-09-06 | CVE-2006-4095 | Reachable Assertion vulnerability in multiple products BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | 7.5 |
2006-07-06 | CVE-2006-3356 | Denial-Of-Service vulnerability in Mac OS X The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. | 2.6 |
2006-04-21 | CVE-2006-1984 | Multiple Security vulnerability in Apple Mac OS X Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference. | 5.0 |
2006-03-14 | CVE-2006-1220 | Local Heap Overflow vulnerability in Apple Mac OS X Kernel MACH_MSG_SEND Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow. | 4.6 |