Vulnerabilities > Apple > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-05 | CVE-2007-0711 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file. | 9.3 |
| 2007-01-26 | CVE-2007-0462 | Remote Memory Corruption vulnerability in Apple Mac OS X QuickDraw GetSrcBits32ARGB The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption. | 10.0 |
| 2007-01-16 | CVE-2007-0236 | Buffer Errors vulnerability in Apple mac OS X 10.4.8 Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow. | 10.0 |
| 2007-01-09 | CVE-2007-0117 | Local Privilege Escalation vulnerability in Apple DiskManagement Framework BOM DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation. | 10.0 |
| 2006-12-31 | CVE-2006-6900 | Remote Security vulnerability in Apple mac OS X 10.4 Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack vectors, related to an "implementation bug." | 10.0 |
| 2006-12-20 | CVE-2006-6652 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion. | 9.0 |
| 2006-11-30 | CVE-2006-4404 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges. | 10.0 |
| 2006-11-22 | CVE-2006-6061 | Remote Denial Of Service vulnerability in Apple Mac OS X UDIF Disk Image com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. | 9.3 |
| 2006-08-02 | CVE-2006-3498 | Multiple Security vulnerability in Apple Mac OS X Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request. | 10.0 |
| 2005-08-19 | CVE-2005-2511 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. | 10.0 |