Vulnerabilities > Apple > MAC OS X > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-07 | CVE-2007-3750 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via crafted Sample Table Sample Descriptor (STSD) atoms in a movie file. | 9.3 |
| 2007-10-18 | CVE-2007-5476 | Unspecified vulnerability in Adobe Flash Player On Opera Browser For Mac OSX Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. | 10.0 |
| 2007-07-17 | CVE-2007-3828 | Remote Code Execution vulnerability in Apple Mac OS X mDNSResponder Variant Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386. | 10.0 |
| 2007-07-16 | CVE-2007-3798 | Unchecked Return Value vulnerability in multiple products Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | 9.8 |
| 2007-07-15 | CVE-2007-2394 | Code Execution vulnerability in Apple QuickTime Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation. | 9.3 |
| 2007-07-15 | CVE-2007-2392 | Code Execution vulnerability in Apple QuickTime Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption. | 9.3 |
| 2007-06-25 | CVE-2007-2399 | Unspecified vulnerability in Apple mac OS X and mac OS X Server WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption. | 9.3 |
| 2007-05-29 | CVE-2007-2388 | Permissions, Privileges, and Access Controls vulnerability in Apple Quicktime 7.1.6 Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations. | 9.3 |
| 2007-05-24 | CVE-2007-2390 | Multiple Security vulnerability in Apple mac OS X 10.3.9/10.4.9 Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. | 10.0 |
| 2007-05-24 | CVE-2007-2386 | Multiple Security vulnerability in Apple Mac OS X 2007-005 Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. | 9.4 |