Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2008-02-19 CVE-2008-0830 Improper Input Validation vulnerability in Apple iPhoto 4.0.3
The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.
network
low complexity
apple CWE-20
7.5
2008-02-14 CVE-2008-0778 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple QuickTime
Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods.
network
low complexity
apple CWE-119
7.5
2008-02-12 CVE-2008-0729 Resource Management Errors vulnerability in Apple Mobile Safari
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677.
network
apple CWE-399
7.1
2008-02-12 CVE-2008-0042 Code Injection vulnerability in Apple Mac OS X 10.4.11/10.5/10.5.1
Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes.
network
apple CWE-94
6.8
2008-02-12 CVE-2008-0041 Information Exposure vulnerability in Apple Mac OS X 10.5/10.5.1
Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts www.apple.com "when a website is unblocked," which allows remote attackers to determine when a system is running Parental Controls.
network
low complexity
apple CWE-200
5.0
2008-02-12 CVE-2008-0040 Resource Management Errors vulnerability in Apple Mac OS X 10.5/10.5.1
Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to mbuf chains that trigger memory corruption.
network
low complexity
apple CWE-399
critical
10.0
2008-02-12 CVE-2008-0039 Code Injection vulnerability in Apple Mail
Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary commands via a crafted file:// URL.
network
apple CWE-94
6.8
2008-02-12 CVE-2008-0038 Permissions, Privileges, and Access Controls vulnerability in Apple Mac OS X 10.5/10.5.1
Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninstalled application to be launched if it is in a Time Machine backup, which might allow local users to bypass intended security restrictions or exploit vulnerabilities in the application.
local
apple CWE-264
1.9
2008-02-12 CVE-2008-0037 Permissions, Privileges, and Access Controls vulnerability in Apple Mac OS X 10.5/10.5.1
X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle when the "Allow connections from network client" preference is disabled, which allows remote attackers to bypass intended access restrictions and connect to the X server.
network
apple CWE-264
4.3
2008-02-08 CVE-2008-0043 Code Injection vulnerability in Apple iPhoto
Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions.
network
apple CWE-94
critical
9.3