Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-14 | CVE-2006-0400 | Unspecified vulnerability in Apple mac OS X and mac OS X Server CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." | 7.5 |
2006-03-14 | CVE-2006-0399 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. | 7.5 |
2006-03-14 | CVE-2006-0398 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. | 7.5 |
2006-03-14 | CVE-2006-0397 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. | 7.5 |
2006-03-14 | CVE-2006-0396 | Remote Buffer Overflow vulnerability in Apple Mac OS X Mail Message Attachment Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment. | 5.1 |
2006-03-14 | CVE-2006-1220 | Local Heap Overflow vulnerability in Apple Mac OS X Kernel MACH_MSG_SEND Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow. | 4.6 |
2006-03-06 | CVE-2006-0387 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | 6.4 |
2006-03-03 | CVE-2006-0391 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper. | 1.7 |
2006-03-03 | CVE-2006-0389 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. | 2.6 |
2006-03-03 | CVE-2006-0388 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. | 2.6 |