Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2006-07-06 CVE-2006-3372 Denial Of Service vulnerability in Apple Safari 2.0.4/419.3
Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttributeNode function call with zero arguments, which triggers a null dereference.
network
low complexity
apple
5.0
2006-07-06 CVE-2006-3356 Denial-Of-Service vulnerability in Mac OS X
The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference.
network
high complexity
apple
2.6
2006-06-29 CVE-2006-1467 Numeric Errors vulnerability in Apple iTunes
Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC (M4P, M4A, or M4B) file with a sample table size (STSZ) atom with a "malformed" sample_size_table value.
network
high complexity
apple CWE-189
5.1
2006-06-27 CVE-2006-1471 Use of Externally-Controlled Format String vulnerability in Apple Mac OS X and Mac OS X Server
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file.
local
low complexity
apple CWE-134
4.6
2006-06-27 CVE-2006-1470 Resource Management Errors vulnerability in Apple Mac OS X and Mac OS X Server
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.
network
low complexity
apple CWE-399
5.0
2006-06-27 CVE-2006-1469 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Apple Mac OS X and Mac OS X Server
Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image.
network
low complexity
apple CWE-119
7.5
2006-06-27 CVE-2006-1468 Multiple Security vulnerability in Retired: Apple Mac OS X
Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information.
network
low complexity
apple
5.0
2006-06-26 CVE-2006-3224 Denial-Of-Service vulnerability in Apple Safari 2.0.3 (417.9.3)
Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via JavaScript with an infinite for loop.
network
high complexity
apple
5.4
2006-05-24 CVE-2006-1466 Remote Access vulnerability in Apple Xcode Tools WebObjects Unauthorized
Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service.
network
high complexity
apple
4.0
2006-05-12 CVE-2006-2238 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Apple QuickTime
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function.
network
low complexity
apple CWE-119
7.5