Vulnerabilities > Apple > MAC OS X
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-19 | CVE-2006-4866 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | 4.6 |
2006-09-06 | CVE-2006-4095 | Reachable Assertion vulnerability in multiple products BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | 7.5 |
2006-08-21 | CVE-2006-3506 | Buffer Overflow vulnerability in Apple mac OS X, mac OS X Server and Xsan Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name." This vulnerability is addressed in the following product release: Apple, Xsan, 1.4 | 4.6 |
2006-08-05 | CVE-2006-0395 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types. | 5.1 |
2006-08-03 | CVE-2006-3505 | Multiple Security vulnerability in Apple Mac OS X WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated. | 7.5 |
2006-08-03 | CVE-2006-3504 | Multiple Security vulnerability in Apple Mac OS X The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari. | 5.1 |
2006-08-03 | CVE-2006-3503 | Multiple Security vulnerability in Apple Mac OS X Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image. | 5.1 |
2006-08-03 | CVE-2006-3502 | Multiple Security vulnerability in Apple Mac OS X Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled. | 5.1 |
2006-08-03 | CVE-2006-3501 | Multiple Security vulnerability in Apple Mac OS X Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image. | 5.1 |
2006-08-03 | CVE-2006-3500 | Multiple Security vulnerability in Apple Mac OS X The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability. | 7.2 |