Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-07-06 | CVE-2006-3356 | Denial-Of-Service vulnerability in Mac OS X The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. | 2.6 |
| 2006-06-27 | CVE-2006-1471 | USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file. | 4.6 |
| 2006-06-27 | CVE-2006-1470 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | 5.0 |
| 2006-06-27 | CVE-2006-1469 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. | 7.5 |
| 2006-06-27 | CVE-2006-1468 | Multiple Security vulnerability in Retired: Apple Mac OS X Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information. | 5.0 |
| 2006-05-24 | CVE-2006-1466 | Remote Access vulnerability in Apple Xcode Tools WebObjects Unauthorized Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service. | 4.0 |
| 2006-05-12 | CVE-2006-1457 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | 2.6 |
| 2006-05-12 | CVE-2006-1456 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | 7.5 |
| 2006-05-12 | CVE-2006-1455 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | 7.8 |
| 2006-05-12 | CVE-2006-1452 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | 4.6 |