Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2006-11-22 CVE-2006-6061 Remote Denial Of Service vulnerability in Apple Mac OS X UDIF Disk Image
com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption.
network
apple
critical
9.3
2006-11-21 CVE-2006-6015 Remote Denial of Service vulnerability in Apple Mac OS X 10.4
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression.
network
low complexity
apple
5.0
2006-11-18 CVE-2006-4413 Remote Desktop Insecure Default Package Permission vulnerability in Apple Remote Desktop 2.0/2.1/3.0
Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root privileges on client systems that use the packages.
local
low complexity
apple
7.2
2006-11-04 CVE-2006-5710 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
The Airport driver for certain Orinoco-based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which triggers a heap-based buffer overflow.
network
low complexity
apple opendarwin CWE-119
7.5
2006-10-03 CVE-2006-4399 Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8
User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not actually supported, which could result in less secure password management than intended.
local
low complexity
apple
2.1
2006-10-03 CVE-2006-4397 Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8
Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 prevents Kerberos tickets from being destroyed if a user does not successfully log on to a network account from the login window, which might allow later users to gain access to the original user's Kerberos tickets.
local
low complexity
apple
4.6
2006-10-03 CVE-2006-4395 Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8
Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows context-dependent attackers to cause a denial of service ("memory corruption" and crash) via a crafted PICT image that is not properly handled by a certain "unsupported QuickDraw operation."
network
high complexity
apple
5.1
2006-10-03 CVE-2006-4394 Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8
A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 allows network accounts without GUIDs to bypass service access controls and log into the system using loginwindow via unknown vectors.
network
low complexity
apple
7.5
2006-10-03 CVE-2006-4393 Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8
Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users.
local
high complexity
apple
3.7
2006-10-03 CVE-2006-4392 Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8
The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function.
local
low complexity
apple next
7.2