Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-30 | CVE-2006-4408 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a denial of service (resource consumption) via certain public key values in an X.509 certificate that requires extra resources during signature verification. | 5.0 |
2006-11-30 | CVE-2006-4407 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic. | 5.0 |
2006-11-30 | CVE-2006-4406 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2006-11-30 | CVE-2006-4404 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges. | 10.0 |
2006-11-30 | CVE-2006-4403 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames. | 4.0 |
2006-11-30 | CVE-2006-4402 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files. | 5.1 |
2006-11-30 | CVE-2006-4401 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI. | 5.1 |
2006-11-30 | CVE-2006-4400 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files. | 5.1 |
2006-11-30 | CVE-2006-4398 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests. | 7.2 |
2006-11-30 | CVE-2006-4396 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack. | 4.6 |