Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-05 | CVE-2008-0599 | Incorrect Calculation of Buffer Size vulnerability in multiple products The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. | 9.8 |
| 2008-04-17 | CVE-2008-1026 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari 3/3.1 Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow. | 6.8 |
| 2008-04-08 | CVE-2008-1701 | Denial Of Service vulnerability in Novell Iprint 6.5 Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request. | 5.0 |
| 2008-03-19 | CVE-2008-0063 | Use of Uninitialized Resource vulnerability in multiple products The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." | 7.5 |
| 2008-03-18 | CVE-2008-1000 | Path Traversal vulnerability in Apple mac OS X and mac OS X Server Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments. | 8.5 |
| 2008-03-18 | CVE-2008-0999 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference. | 7.1 |
| 2008-03-18 | CVE-2008-0998 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4.11 and 10.5.2 allows local users to bypass authorization and execute arbitrary code via crafted distributed objects. | 6.9 |
| 2008-03-18 | CVE-2008-0996 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials. | 1.7 |
| 2008-03-18 | CVE-2008-0995 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |
| 2008-03-18 | CVE-2008-0994 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |