Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-03 | CVE-2006-4391 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to execute arbitrary code via a malformed JPEG2000 image. | 5.1 |
2006-10-03 | CVE-2006-4390 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted. | 2.6 |
2006-10-03 | CVE-2006-4387 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the "Allow user to administer this computer" checkbox in System Preferences for a user, does not remove the user's account from the appserveradm or appserverusr groups, which still allows the user to manage WebObjects applications. | 4.6 |
2006-09-27 | CVE-2006-5051 | Double Free vulnerability in multiple products Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | 8.1 |
2006-09-25 | CVE-2006-4965 | Code Injection vulnerability in Apple Quicktime 7.1.3 Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. | 5.0 |
2006-09-21 | CVE-2006-3509 | Buffer Overflow vulnerability in Apple Mac OS X AirPort Wireless Driver Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames. | 7.2 |
2006-09-21 | CVE-2006-3508 | Buffer Overflow vulnerability in Apple Mac OS X AirPort Wireless Driver Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates. | 7.2 |
2006-09-21 | CVE-2006-3507 | Buffer Overflow vulnerability in Apple Mac OS X AirPort Wireless Driver Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network. | 7.2 |
2006-09-19 | CVE-2006-4887 | Remote Desktop Local Authentication Bypass vulnerability in Apple Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. | 7.2 |
2006-09-19 | CVE-2006-4866 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | 4.6 |