Vulnerabilities > Apple > MAC OS X > 10.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-06-06 | CVE-2007-3073 | Directory Traversal vulnerability in Firefox Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI. | 7.8 |
| 2007-05-29 | CVE-2007-2389 | Information Disclosure vulnerability in Apple Quicktime 7.1.6 Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets. | 7.1 |
| 2007-05-29 | CVE-2007-2388 | Permissions, Privileges, and Access Controls vulnerability in Apple Quicktime 7.1.6 Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations. | 9.3 |
| 2007-05-24 | CVE-2007-0753 | USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. | 7.2 |
| 2007-05-24 | CVE-2007-0751 | Multiple Security vulnerability in Apple Mac OS X 2007-005 A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. | 2.1 |
| 2007-04-24 | CVE-2007-0742 | Multiple Security vulnerability in Apple Mac OS X 2007-004 The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information. | 7.8 |
| 2007-04-24 | CVE-2007-0729 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X, mac OS X Preview.App and mac OS X Server Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. | 7.2 |
| 2007-03-13 | CVE-2007-0720 | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | 5.0 |
| 2007-01-23 | CVE-2007-0430 | Denial-Of-Service vulnerability in Mac OS X The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. | 4.9 |
| 2006-12-31 | CVE-2006-6906 | Local Security vulnerability in Mac OS X Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900. | 7.2 |