MAC OS X

DATE	CVE	VULNERABILITY TITLE	RISK
2007-05-24	CVE-2007-2390	Multiple Security vulnerability in Apple mac OS X 10.3.9/10.4.9 Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. network low complexity apple critical	10.0
2007-05-24	CVE-2007-2386	Multiple Security vulnerability in Apple Mac OS X 2007-005 Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. network low complexity apple critical	9.4
2007-05-24	CVE-2007-0753	USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. local low complexity apple CWE-134	7.2
2007-05-24	CVE-2007-0752	Multiple Security vulnerability in Apple Mac OS X 2007-005 The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. local low complexity apple	7.2
2007-05-24	CVE-2007-0751	Multiple Security vulnerability in Apple Mac OS X 2007-005 A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. local low complexity apple	2.1
2007-05-24	CVE-2007-0750	Multiple Security vulnerability in Apple Mac OS X 2007-005 Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file. network apple critical	9.3
2007-05-24	CVE-2007-0740	Multiple Security vulnerability in Apple mac OS X 10.3.9/10.4.9 Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files. network apple	6.8
2007-05-18	CVE-2007-2682	Unspecified vulnerability in Adobe Creative Suite 3.0 The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as used in Adobe Creative Suite 3 (CS3), does not re-enable the personal firewall after completing the product installation, which allows remote attackers to bypass intended firewall rules. network low complexity apple adobe	7.5
2007-05-17	CVE-2007-2736	Remote File Include vulnerability in Achievo 1.1.0 PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver achievo critical	10.0
2007-05-16	CVE-2007-1898	Unspecified vulnerability in Jetbox CMS 2.1 formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. network apple hp linux microsoft santa-cruz-operation sun windriver jetbox	5.8