Vulnerabilities > Apple > Medium

DATE CVE VULNERABILITY TITLE RISK
2007-12-19 CVE-2007-3876 Buffer Errors vulnerability in Apple Mac OS X 10.4.11
Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.
local
low complexity
apple CWE-119
6.6
2007-12-15 CVE-2007-6359 Numeric Errors vulnerability in Apple Mac OS X 10.5.1
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.
local
low complexity
apple CWE-189
4.9
2007-12-15 CVE-2007-4706 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple QuickTime
Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.
network
apple CWE-119
6.8
2007-12-06 CVE-2007-6261 Numeric Errors vulnerability in Apple Mac OS X 10.4/10.5.1
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
local
low complexity
apple CWE-189
4.9
2007-12-06 CVE-2007-5971 Resource Management Errors vulnerability in MIT Kerberos 5
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
local
apple mit CWE-399
6.9
2007-12-06 CVE-2007-5901 Resource Management Errors vulnerability in MIT Kerberos 5
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
local
apple mit CWE-399
6.9
2007-11-27 CVE-2007-4674 Numeric Errors vulnerability in Apple QuickTime 7.2
An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow.
network
apple CWE-189
6.8
2007-11-15 CVE-2007-4697 Multiple Security vulnerability in Apple Mac OS X v10.4.11 2007-008
Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption.
network
apple
6.8
2007-11-15 CVE-2007-4696 Race Condition vulnerability in Apple Mac OS X and Mac OS X Server
Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari.
network
apple CWE-362
4.3
2007-11-15 CVE-2007-4695 Improper Input Validation vulnerability in Apple Mac OS X and Mac OS X Server
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads.
network
apple CWE-20
4.3