Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-09-14 | CVE-2009-2805 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | 6.8 |
| 2009-09-14 | CVE-2009-2804 | Numeric Errors vulnerability in Apple mac OS X, mac OS X Server and Safari Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. | 6.8 |
| 2009-09-14 | CVE-2009-2803 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | 6.8 |
| 2009-09-11 | CVE-2009-2800 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file. | 6.8 |
| 2009-09-10 | CVE-2009-2815 | Resource Management Errors vulnerability in Apple Iphone OS The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. | 7.8 |
| 2009-09-10 | CVE-2009-2799 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file. | 9.3 |
| 2009-09-10 | CVE-2009-2798 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | 9.3 |
| 2009-09-10 | CVE-2009-2797 | Information Exposure vulnerability in multiple products The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server. | 5.0 |
| 2009-09-10 | CVE-2009-2796 | Information Exposure vulnerability in Apple Iphone OS 3.0/3.0.1 The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password. | 2.1 |
| 2009-09-10 | CVE-2009-2795 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing." | 7.2 |