Vulnerabilities > Apple > MAC OS X > 10.4.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-13 | CVE-2007-0721 | Applications Multiple vulnerability in Apple Mac OS X Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption. network apple | 6.8 |
2007-03-13 | CVE-2007-0720 | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | 5.0 |
2007-03-13 | CVE-2007-0719 | Applications Multiple vulnerability in Apple Mac OS X Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile. network apple | 6.8 |
2007-03-05 | CVE-2007-0714 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value. | 9.3 |
2007-03-05 | CVE-2007-0712 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. | 9.3 |
2007-02-01 | CVE-2007-0646 | USE of Externally-Controlled Format String vulnerability in Apple Imovie, mac OS X and Safari Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function. | 7.1 |
2007-01-30 | CVE-2007-0464 | Buffer Errors vulnerability in Cfnetwork 129.19 The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference. | 5.0 |
2007-01-23 | CVE-2007-0430 | Denial-Of-Service vulnerability in Mac OS X The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. | 4.9 |
2006-12-31 | CVE-2006-6906 | Local Security vulnerability in Mac OS X Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900. | 7.2 |
2006-12-20 | CVE-2006-6652 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion. | 9.0 |