Vulnerabilities > Apple > MAC OS X
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-15 | CVE-2007-4693 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to "handling of keyboard focus between secure text fields." | 7.2 |
2007-11-15 | CVE-2007-4691 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs. | 10.0 |
2007-11-15 | CVE-2007-4690 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet. | 9.0 |
2007-11-15 | CVE-2007-4689 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets. | 10.0 |
2007-11-15 | CVE-2007-4688 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query. | 5.0 |
2007-11-15 | CVE-2007-4687 | Configuration vulnerability in Apple mac OS X and mac OS X Server The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files. | 9.3 |
2007-11-15 | CVE-2007-4686 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request. | 7.2 |
2007-11-15 | CVE-2007-4685 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state." | 7.2 |
2007-11-15 | CVE-2007-4684 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call. | 6.9 |
2007-11-15 | CVE-2007-4683 | Path Traversal vulnerability in Apple mac OS X Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory. | 4.6 |