Vulnerabilities > Apple > MAC OS X
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-09-16 | CVE-2008-2312 | Credentials Management vulnerability in Apple mac OS X and mac OS X Server Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file. | 4.9 |
2008-09-16 | CVE-2008-2305 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names." | 9.3 |
2008-09-11 | CVE-2008-3634 | Information Exposure vulnerability in Apple Itunes Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information. | 2.6 |
2008-09-11 | CVE-2008-3629 | Resource Management Errors vulnerability in Apple Quicktime Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read. | 4.3 |
2008-09-11 | CVE-2008-3624 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted panorama atoms. | 6.8 |
2008-08-04 | CVE-2008-2325 | Resource Management Errors vulnerability in Apple Quicklook QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office file, related to insufficient "bounds checking." | 9.3 |
2008-08-04 | CVE-2008-2324 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs. | 4.6 |
2008-08-04 | CVE-2008-2323 | Resource Management Errors vulnerability in Apple Data Detectors Engine Unspecified vulnerability in Data Detectors Engine in Apple Mac OS X 10.5.4 allows attackers to cause a denial of service (resource consumption) via crafted textual content in messages. | 7.1 |
2008-08-04 | CVE-2008-2322 | Numeric Errors vulnerability in Apple Coregraphics Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow. | 9.3 |
2008-08-04 | CVE-2008-2321 | Resource Management Errors vulnerability in Apple Coregraphics Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments." | 9.3 |