Vulnerabilities > Apple > MAC OS X > 10.7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-09-16 | CVE-2013-1032 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and Quicktime QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file. | 6.8 |
| 2013-09-16 | CVE-2013-1031 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restrictions by visiting an unattended workstation on which a locking failure had prevented the startup of the screen saver. | 3.3 |
| 2013-09-16 | CVE-2013-1030 | Information Exposure vulnerability in Apple mac OS X mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process. | 2.1 |
| 2013-09-16 | CVE-2013-1029 | Improper Input Validation vulnerability in Apple mac OS X The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser. | 4.9 |
| 2013-09-16 | CVE-2013-1028 | Improper Input Validation vulnerability in Apple Iphone OS and mac OS X The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate. | 5.8 |
| 2013-09-16 | CVE-2013-1027 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Installer in Apple Mac OS X before 10.8.5 provides an option to continue a package's installation after encountering a revoked certificate, which might allow user-assisted remote attackers to execute arbitrary code via a crafted package. | 6.8 |
| 2013-09-16 | CVE-2013-1026 | Buffer Errors vulnerability in Apple Iphone OS and mac OS X Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. | 6.8 |
| 2013-09-16 | CVE-2013-1025 | Buffer Errors vulnerability in Apple Iphone OS and mac OS X Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document. | 6.8 |
| 2013-06-05 | CVE-2013-3951 | Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Watchos sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering attack or an attack against a setuid Mac OS X program. | 4.6 |
| 2013-06-05 | CVE-2013-1024 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | 6.8 |