Vulnerabilities > Apple > MAC OS X > 10.3.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-30 | CVE-2006-4407 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic. | 5.0 |
2006-11-30 | CVE-2006-4406 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2006-11-30 | CVE-2006-4404 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges. | 10.0 |
2006-11-30 | CVE-2006-4403 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames. | 4.0 |
2006-11-30 | CVE-2006-4402 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files. | 5.1 |
2006-11-30 | CVE-2006-4401 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI. | 5.1 |
2006-11-30 | CVE-2006-4400 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files. | 5.1 |
2006-11-30 | CVE-2006-4396 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack. | 4.6 |
2006-09-27 | CVE-2006-5051 | Double Free vulnerability in multiple products Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | 8.1 |
2006-09-19 | CVE-2006-4866 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | 4.6 |