Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-25 | CVE-2010-1800 | Information Exposure vulnerability in Apple Cfnetwork, mac OS X and mac OS X Server CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses. | 5.0 |
| 2010-08-19 | CVE-2010-2807 | Incorrect Conversion Between Numeric Types vulnerability in multiple products FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-19 | CVE-2010-2805 | Improper Input Validation vulnerability in multiple products The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-19 | CVE-2010-2520 | Out-Of-Bounds Write vulnerability in multiple products Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 5.1 |
| 2010-08-19 | CVE-2010-2499 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment. | 6.8 |
| 2010-08-19 | CVE-2010-2498 | Out-Of-Bounds Write vulnerability in multiple products The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation. | 6.8 |
| 2010-08-19 | CVE-2010-2497 | Integer Underflow (Wrap OR Wraparound) vulnerability in multiple products Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-11 | CVE-2010-1898 | Code Injection vulnerability in Microsoft .Net Framework and Silverlight The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-0019 | Code Injection vulnerability in Microsoft Silverlight 3.0.40624.00/3.0.40723.0/3.0.40818.0 Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and framework outage) via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability." | 9.3 |
| 2010-08-02 | CVE-2010-1794 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X 10.6.0 The webdav_mount function in webdav_vfsops.c in the WebDAV kernel extension (aka webdav_fs.kext) for Mac OS X 10.6 allows local users to cause a denial of service (panic) via a mount request with a large integer in the pa_socket_namelen field. | 4.9 |