Vulnerabilities > Apple > Medium
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2006-05-12 | CVE-2006-1461 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple QuickTime | Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash (SWF) file. | 5.1 |
2006-05-12 | CVE-2006-1460 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple QuickTime | Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom. | 5.1 |
2006-05-12 | CVE-2006-1459 | Numeric Errors vulnerability in Apple QuickTime | Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV). | 5.1 |
2006-05-12 | CVE-2006-1458 | Numeric Errors vulnerability in Apple QuickTime 7.0.3/7.0.4 | Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. | 5.1 |
2006-05-12 | CVE-2006-1454 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple QuickTime 7.0.3/7.0.4 | Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data. | 5.1 |
2006-05-12 | CVE-2006-1453 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple QuickTime | Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. | 5.1 |
2006-05-10 | CVE-2006-2277 | Remote Denial Of Service vulnerability in Apple Mac OS X ImageIO OpenEXR Image File | Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file. | 5.0 |
2006-04-25 | CVE-2006-2019 | Denial Of Service vulnerability in Apple Safari Web Browser Rowspan | Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. | 5.0 |
2006-04-21 | CVE-2006-1988 | Multiple Security vulnerability in Apple Mac OS X | The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. | 5.0 |
2006-04-21 | CVE-2006-1985 | Buffer Errors vulnerability in Apple Mac OS X, Mac OS X Server and Safari | Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. | 5.1 |