Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-11-16 | CVE-2010-4010 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code via a crafted embedded Compact Font Format (CFF) font in a document. | 6.8 |
| 2010-11-16 | CVE-2010-3796 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications. | 4.3 |
| 2010-11-16 | CVE-2010-3795 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | 6.8 |
| 2010-11-16 | CVE-2010-3794 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of FlashPix image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | 6.8 |
| 2010-11-16 | CVE-2010-3793 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X, mac OS X Server and Quicktime QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file. | 6.8 |
| 2010-11-16 | CVE-2010-3792 | Numeric Errors vulnerability in Apple mac OS X, mac OS X Server and Quicktime Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file. | 6.8 |
| 2010-11-16 | CVE-2010-3791 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X, mac OS X Server and Quicktime Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file. | 6.8 |
| 2010-11-16 | CVE-2010-3790 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X, mac OS X Server and Quicktime QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary. | 6.8 |
| 2010-11-16 | CVE-2010-3789 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X, mac OS X Server and Quicktime QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file. | 6.8 |
| 2010-11-16 | CVE-2010-3788 | Improper Input Validation vulnerability in Apple mac OS X, mac OS X Server and Quicktime QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file. | 6.8 |