Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-12 | CVE-2006-2238 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. | 7.5 |
2006-05-12 | CVE-2006-1457 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | 2.6 |
2006-05-12 | CVE-2006-1456 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | 7.5 |
2006-05-12 | CVE-2006-1455 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | 7.8 |
2006-05-12 | CVE-2006-1452 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | 4.6 |
2006-05-12 | CVE-2006-1451 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. | 7.2 |
2006-05-12 | CVE-2006-1450 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | 7.5 |
2006-05-12 | CVE-2006-1449 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. | 7.5 |
2006-05-12 | CVE-2006-1448 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme. | 6.5 |
2006-05-12 | CVE-2006-1447 | Multiple vulnerability in Apple mac OS X 10.4.6 LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file. | 5.0 |