Vulnerabilities > Apple > MAC OS X
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-10-16 | CVE-2009-3281 | Permissions, Privileges, and Access Controls vulnerability in VMWare Fusion The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors. | 7.2 |
2009-09-14 | CVE-2009-2813 | Permissions, Privileges, and Access Controls vulnerability in multiple products Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. | 6.0 |
2009-09-14 | CVE-2009-2812 | Remote Code Execution vulnerability in Apple Mac OS X Launch Services Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site. network apple | 6.8 |
2009-09-14 | CVE-2009-2811 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature. | 6.8 |
2009-09-14 | CVE-2009-2809 | Code Injection vulnerability in Apple mac OS X and mac OS X Server ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues." | 6.8 |
2009-09-14 | CVE-2009-2807 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. | 7.2 |
2009-09-14 | CVE-2009-2805 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | 6.8 |
2009-09-14 | CVE-2009-2804 | Numeric Errors vulnerability in Apple mac OS X, mac OS X Server and Safari Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. | 6.8 |
2009-09-14 | CVE-2009-2803 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | 6.8 |
2009-09-11 | CVE-2009-2800 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file. | 6.8 |