Vulnerabilities > Apple > MAC OS X > 10.5.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-03 | CVE-2015-3673 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility. | 7.2 |
| 2015-07-03 | CVE-2015-3672 | Improper Access Control vulnerability in Apple mac OS X Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors. | 7.2 |
| 2015-07-03 | CVE-2015-3671 | Improper Access Control vulnerability in Apple mac OS X Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors. | 7.2 |
| 2015-07-03 | CVE-2015-3669 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3665. | 6.8 |
| 2015-07-03 | CVE-2015-3668 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3667. | 6.8 |
| 2015-07-03 | CVE-2015-3667 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3668. | 6.8 |
| 2015-07-03 | CVE-2015-3666 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3667, and CVE-2015-3668. | 6.8 |
| 2015-07-03 | CVE-2015-3663 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668. | 6.8 |
| 2015-07-03 | CVE-2015-3662 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668. | 6.8 |
| 2015-07-03 | CVE-2015-3661 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668. | 6.8 |