Vulnerabilities > Apple > MAC OS X > 10.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-06-21 | CVE-2011-1755 | XML Entity Expansion vulnerability in multiple products jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 7.5 |
| 2011-03-23 | CVE-2011-0183 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue." | 5.0 |
| 2011-03-23 | CVE-2011-0182 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry. | 7.2 |
| 2011-03-23 | CVE-2011-0181 | Numeric Errors vulnerability in Apple Imageio, mac OS X and mac OS X Server Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image. | 6.8 |
| 2011-03-23 | CVE-2011-0180 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call. | 2.1 |
| 2011-03-23 | CVE-2011-0179 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font. | 6.8 |
| 2011-03-23 | CVE-2011-0178 | Information Exposure vulnerability in Apple Carboncore, mac OS X and mac OS X Server The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory. | 2.1 |
| 2011-03-23 | CVE-2011-0177 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font. | 6.8 |
| 2011-03-23 | CVE-2011-0176 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font. | 6.8 |
| 2011-03-23 | CVE-2011-0175 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font. | 6.8 |