Vulnerabilities > Apple > MAC OS X > 10.5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-08-04 | CVE-2008-2325 | Resource Management Errors vulnerability in Apple Quicklook QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office file, related to insufficient "bounds checking." | 9.3 |
| 2008-08-04 | CVE-2008-2323 | Resource Management Errors vulnerability in Apple Data Detectors Engine Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 10.5.4 allows attackers to cause a denial of service (resource consumption) via crafted textual content in messages. | 7.1 |
| 2008-08-04 | CVE-2008-2322 | Numeric Errors vulnerability in Apple Coregraphics Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow. | 9.3 |
| 2008-08-04 | CVE-2008-2321 | Resource Management Errors vulnerability in Apple Coregraphics Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments." | 9.3 |
| 2008-08-04 | CVE-2008-2320 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Carboncore Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long filename to the file management API. | 9.3 |
| 2008-08-01 | CVE-2008-3438 | Download of Code Without Integrity Check vulnerability in Apple mac OS X Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 8.1 |
| 2008-01-10 | CVE-2008-0226 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. | 7.5 |
| 2007-11-29 | CVE-2007-6166 | Buffer Errors vulnerability in Apple Quicktime and Safari Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. | 9.3 |
| 2007-03-05 | CVE-2007-0714 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value. | 9.3 |
| 2007-03-05 | CVE-2007-0712 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. | 9.3 |