Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-02 | CVE-2008-1580 | Information Exposure vulnerability in Apple Safari CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifiable certificates, and use arbitrary certificates to track user activities across domains, a related issue to CVE-2007-4879. | 4.3 |
2008-06-02 | CVE-2008-1579 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. | 5.0 |
2008-06-02 | CVE-2008-1578 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process. | 2.1 |
2008-06-02 | CVE-2008-1577 | Multiple Security vulnerability in RETIRED: Apple Mac OS X 2008-003 Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file, related to "multiple memory corruption issues." | 9.3 |
2008-06-02 | CVE-2008-1576 | Resource Management Errors vulnerability in Apple mac OS X Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information (memory contents) in opportunistic circumstances, by sending an e-mail message. | 6.8 |
2008-06-02 | CVE-2008-1575 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing. | 9.3 |
2008-06-02 | CVE-2008-1574 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow. | 9.3 |
2008-06-02 | CVE-2008-1573 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read. | 7.1 |
2008-06-02 | CVE-2008-1572 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Image Capture in Apple Mac OS X before 10.5 does not properly use temporary files, which allows local users to overwrite arbitrary files, and display images that are being resized by this application. | 4.6 |
2008-06-02 | CVE-2008-1571 | Path Traversal vulnerability in Apple mac OS X and mac OS X Server Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | 5.0 |