Vulnerabilities > Apple > MAC OS X > 10.5.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-13 | CVE-2008-1517 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (system shutdown) via unspecified vectors related to workqueues. | 7.2 |
2009-04-02 | CVE-2009-1238 | Race Condition vulnerability in Apple mac OS X and mac OS X Server Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable. | 7.2 |
2009-04-02 | CVE-2009-1237 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call. | 4.9 |
2009-04-02 | CVE-2009-1236 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member. | 10.0 |
2009-04-02 | CVE-2009-1235 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls. | 7.2 |
2009-01-21 | CVE-2009-0005 | Resource Management Errors vulnerability in Apple Quicktime Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption. | 9.3 |
2009-01-21 | CVE-2009-0004 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file. | 9.3 |
2009-01-21 | CVE-2009-0003 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure. | 9.3 |
2009-01-21 | CVE-2009-0002 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms. | 9.3 |
2009-01-21 | CVE-2009-0001 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL. | 9.3 |