Vulnerabilities > Apple > Critical

DATE CVE VULNERABILITY TITLE RISK
2007-07-23 CVE-2007-3944 Buffer Errors vulnerability in Apple Iphone OS, Safari and Webkit
Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions.
network
apple CWE-119
critical
 9.3
9.3
2007-07-17 CVE-2007-3828 Remote Code Execution vulnerability in Apple Mac OS X mDNSResponder Variant
Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386.
network
low complexity
apple
critical
 10.0
10
2007-07-16 CVE-2007-3798 Unchecked Return Value vulnerability in multiple products
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
network
low complexity
tcpdump canonical debian slackware freebsd apple CWE-252
critical
 9.8
9.8
2007-07-15 CVE-2007-2397 Code Execution vulnerability in Apple QuickTime
QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets.
network
apple
critical
 9.3
9.3
2007-07-15 CVE-2007-2396 Code Execution vulnerability in Apple QuickTime
The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets.
network
apple
critical
 9.3
9.3
2007-07-15 CVE-2007-2394 Code Execution vulnerability in Apple QuickTime
Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation.
network
apple
critical
 9.3
9.3
2007-07-15 CVE-2007-2393 Code Execution vulnerability in Apple QuickTime
The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.
network
apple
critical
 9.3
9.3
2007-07-15 CVE-2007-2392 Code Execution vulnerability in Apple QuickTime
Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption.
network
apple
critical
 9.3
9.3
2007-06-25 CVE-2007-3376 Buffer Overflow vulnerability in Apple Safari 3.0.2
Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark.
network
microsoft apple
critical
 9.3
9.3
2007-06-25 CVE-2007-2399 Unspecified vulnerability in Apple mac OS X and mac OS X Server
WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.
network
apple
critical
 9.3
9.3