Vulnerabilities > Apple > MAC OS X > Critical

DATE | CVE | VULNERABILITY TITLE | RISK

2007-05-24 | CVE-2007-0750 | Multiple Security vulnerability in Apple Mac OS X 2007-005 | critical 9.3
Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file.
network | apple

2007-05-17 | CVE-2007-2736 | Remote File Include vulnerability in Achievo 1.1.0 | critical 10.0
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
network | low complexity | apple hp ibm linux microsoft santa-cruz-operation sun windriver achievo

2007-04-24 | CVE-2007-0746 | Multiple Security vulnerability in Apple Mac OS X 2007-004 | critical 10.0
Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference".
network | low complexity | apple

2007-04-24 | CVE-2007-0736 | Multiple Security vulnerability in Apple Mac OS X 2007-004 | critical 9.3
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.
network | apple

2007-04-24 | CVE-2007-0735 | Multiple Security vulnerability in Apple Mac OS X 2007-004 | critical 9.3
Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory.
network | apple

2007-03-13 | CVE-2007-0733 | Applications Multiple vulnerability in Apple Mac OS X | critical 9.3
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption.
network | apple

2007-03-13 | CVE-2007-0731 | Applications Multiple vulnerability in Apple Mac OS X | critical 9.3
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.
network | apple

2007-03-05 | CVE-2007-0714 | Numeric Errors vulnerability in Apple Quicktime | critical 9.3
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.
network | apple microsoft | CWE-189

2007-03-05 | CVE-2007-0712 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime | critical 9.3
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.
network | apple microsoft | CWE-119

2007-01-26 | CVE-2007-0462 | Remote Memory Corruption vulnerability in Apple Mac OS X QuickDraw GetSrcBits32ARGB | critical 10.0
The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption.
network | low complexity | apple