Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-10-29 | CVE-2010-3654 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | 9.3 |
| 2010-10-08 | CVE-2010-3887 | Permissions, Privileges, and Access Controls vulnerability in Apple Mail The Limit Mail feature in the Parental Controls functionality in Mail on Apple Mac OS X does not properly enforce the correspondence whitelist, which allows remote attackers to bypass intended access restrictions and conduct e-mail communication by leveraging knowledge of a child's e-mail address and a parent's e-mail address, related to parental notification of unapproved e-mail addresses. | 4.3 |
| 2010-10-06 | CVE-2010-3623 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 9.3 |
| 2010-09-29 | CVE-2010-2530 | Numeric Errors vulnerability in multiple products Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call. | 4.9 |
| 2010-09-21 | CVE-2010-1820 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name. | 6.8 |
| 2010-09-15 | CVE-2010-2884 | Remote Code Execution vulnerability in Adobe Flash Player Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. | 9.3 |
| 2010-09-09 | CVE-2010-2770 | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted font in a data: URL. | 9.3 |
| 2010-08-25 | CVE-2010-1808 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Type Services, mac OS X and mac OS X Server Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | 6.8 |
| 2010-08-25 | CVE-2010-1802 | Improper Authentication vulnerability in Apple Libsecurity, mac OS X and mac OS X Server libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com. | 6.4 |
| 2010-08-25 | CVE-2010-1801 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Coregraphics, mac OS X and mac OS X Server Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file. | 6.8 |