Vulnerabilities > Apple > MAC OS X > 10.4.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-16 | CVE-2007-3798 | Unchecked Return Value vulnerability in multiple products Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | 9.8 |
2007-06-06 | CVE-2007-3073 | Directory Traversal vulnerability in Firefox Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI. | 7.8 |
2007-05-29 | CVE-2007-2389 | Information Disclosure vulnerability in Apple Quicktime 7.1.6 Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets. | 7.1 |
2007-05-29 | CVE-2007-2388 | Permissions, Privileges, and Access Controls vulnerability in Apple Quicktime 7.1.6 Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations. | 9.3 |
2007-05-24 | CVE-2007-2386 | Multiple Security vulnerability in Apple Mac OS X 2007-005 Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. | 9.4 |
2007-05-24 | CVE-2007-0753 | USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. | 7.2 |
2007-05-24 | CVE-2007-0751 | Multiple Security vulnerability in Apple Mac OS X 2007-005 A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. | 2.1 |
2007-05-24 | CVE-2007-0750 | Multiple Security vulnerability in Apple Mac OS X 2007-005 Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file. | 9.3 |
2007-04-24 | CVE-2007-0747 | Multiple Security vulnerability in Apple Mac OS X 2007-004 load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables. | 7.2 |
2007-04-24 | CVE-2007-0746 | Multiple Security vulnerability in Apple Mac OS X 2007-004 Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference". | 10.0 |