Vulnerabilities > Apple > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-07 | CVE-2007-2395 | Remote Memory Corruption vulnerability in Apple QuickTime Image Description Atom Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a crafted image description atom in a movie file, related to "memory corruption." | 9.3 |
| 2007-10-18 | CVE-2007-5476 | Unspecified vulnerability in Adobe Flash Player On Opera Browser For Mac OSX Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. | 10.0 |
| 2007-10-14 | CVE-2007-5450 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file. | 9.3 |
| 2007-10-04 | CVE-2007-4673 | OS Command Injection vulnerability in Apple Quicktime 7.2 Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. | 9.3 |
| 2007-09-24 | CVE-2007-5045 | Code Injection vulnerability in multiple products Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the Firefox "-chrome" argument. | 9.3 |
| 2007-09-06 | CVE-2007-3752 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file. | 9.3 |
| 2007-07-23 | CVE-2007-3944 | Buffer Errors vulnerability in Apple Iphone OS, Safari and Webkit Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. | 9.3 |
| 2007-07-17 | CVE-2007-3828 | Remote Code Execution vulnerability in Apple Mac OS X mDNSResponder Variant Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386. | 10.0 |
| 2007-07-16 | CVE-2007-3798 | Unchecked Return Value vulnerability in multiple products Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | 9.8 |
| 2007-07-15 | CVE-2007-2397 | Code Execution vulnerability in Apple QuickTime QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | 9.3 |