Vulnerabilities > Apple > MAC OS X > 10.5.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-20 | CVE-2012-0650 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 7.5 |
2012-07-03 | CVE-2012-1148 | Resource Management Errors vulnerability in multiple products Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. | 5.0 |
2012-05-11 | CVE-2012-0675 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume. | 4.3 |
2012-05-11 | CVE-2012-0662 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input. | 7.5 |
2012-05-11 | CVE-2012-0660 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | 6.8 |
2012-05-11 | CVE-2012-0659 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | 6.8 |
2012-05-11 | CVE-2012-0658 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. | 6.8 |
2012-05-11 | CVE-2012-0657 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors. | 2.1 |
2012-05-11 | CVE-2012-0655 | Cryptographic Issues vulnerability in Apple mac OS X and mac OS X Server libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site that uses a short key. | 6.4 |
2012-05-11 | CVE-2012-0654 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate. | 6.8 |