Vulnerabilities > Apple > MAC OS X
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-15 | CVE-2007-4704 | Unspecified vulnerability in Apple mac OS X 10.5 The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictions. | 10.0 |
2007-11-15 | CVE-2007-4703 | Unspecified vulnerability in Apple mac OS X and mac OS X Server The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions. | 10.0 |
2007-11-15 | CVE-2007-4702 | Unspecified vulnerability in Apple mac OS X and mac OS X Server The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions. | 9.3 |
2007-11-15 | CVE-2007-4701 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporary files securely when Safari is previewing a PDF file, which allows local users to read the contents of that file. | 2.1 |
2007-11-15 | CVE-2007-4700 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors. | 7.5 |
2007-11-15 | CVE-2007-4699 | Permissions, Privileges, and Access Controls vulnerability in Apple Safari The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions. | 7.5 |
2007-11-15 | CVE-2007-4697 | Multiple Security vulnerability in Apple Mac OS X v10.4.11 2007-008 Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption. network apple | 6.8 |
2007-11-15 | CVE-2007-4696 | Race Condition vulnerability in Apple mac OS X and mac OS X Server Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari. | 4.3 |
2007-11-15 | CVE-2007-4695 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads. | 4.3 |
2007-11-15 | CVE-2007-4694 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs. | 4.3 |