Vulnerabilities > Apple

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2007-08-03 | CVE-2007-2409 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window. | network, apple | 4.3 |
| 2007-08-03 | CVE-2007-2407 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. | network, low complexity, apple samba | 4.0 |
| 2007-08-03 | CVE-2007-2406 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. | network, apple | 6.8 |
| 2007-08-03 | CVE-2007-2405 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allows remote attackers to execute arbitrary code via a crafted PDF file. | network, apple | 6.8 |
| 2007-08-03 | CVE-2007-2404 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. | network, low complexity, apple | 5.0 |
| 2007-08-03 | CVE-2007-2403 | Multiple Security vulnerability in Apple Mac OS X 2007-007 | CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. | network, apple | 6.8 |
| 2007-07-27 | CVE-2007-4045 | | The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. | network, low complexity, apple fedoraproject | 5.0 |
| 2007-07-23 | CVE-2007-3944 | Buffer Errors vulnerability in Apple Iphone OS, Safari and Webkit | Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. | network, apple CWE-119 | critical 9.3 |
| 2007-07-17 | CVE-2007-3828 | Remote Code Execution vulnerability in Apple Mac OS X mDNSResponder Variant | Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386. | network, low complexity, apple | critical 10.0 |
| 2007-07-16 | CVE-2007-3798 | Unchecked Return Value vulnerability in multiple products | Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | network, low complexity, tcpdump canonical debian slackware freebsd apple CWE-252 | critical 9.8 |