Vulnerabilities > Apple > MAC OS X > 10.7.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-20 | CVE-2012-3719 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows remote attackers to execute arbitrary plugin code via an e-mail message that triggers the loading of a third-party plugin. | 6.8 |
2012-09-20 | CVE-2012-3718 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes. | 2.1 |
2012-09-20 | CVE-2012-3716 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph. | 7.5 |
2012-07-03 | CVE-2012-1148 | Resource Management Errors vulnerability in multiple products Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. | 5.0 |
2012-05-11 | CVE-2012-0675 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume. | 4.3 |
2012-05-11 | CVE-2012-0662 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input. | 7.5 |
2012-05-11 | CVE-2012-0661 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding. | 6.8 |
2012-05-11 | CVE-2012-0660 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | 6.8 |
2012-05-11 | CVE-2012-0659 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | 6.8 |
2012-05-11 | CVE-2012-0658 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. | 6.8 |