Total
5557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2407 | 2 Apple, Samba | 3 Mac Os X, Mac Os X Server, Samba Server | 2017-07-29 | 4.0 MEDIUM | N/A |
| The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. | |||||
| CVE-2007-2406 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quartz Composer | 2017-07-29 | 6.8 MEDIUM | N/A |
| Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. | |||||
| CVE-2007-2405 | 1 Apple | 3 Mac Os X, Mac Os X Server, Pdfkit | 2017-07-29 | 6.8 MEDIUM | N/A |
| Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2007-2404 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. | |||||
| CVE-2007-2403 | 1 Apple | 3 Cfnetwork, Mac Os X, Mac Os X Server | 2017-07-29 | 6.8 MEDIUM | N/A |
| CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. | |||||
| CVE-2007-2390 | 1 Apple | 1 Mac Os X | 2017-07-29 | 10.0 HIGH | N/A |
| Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. | |||||
| CVE-2007-2389 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, All Windows | 2017-07-29 | 7.1 HIGH | N/A |
| Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets. | |||||
| CVE-2007-2386 | 1 Apple | 1 Mac Os X | 2017-07-29 | 9.4 HIGH | N/A |
| Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. | |||||
| CVE-2007-1279 | 2 Adobe, Apple | 2 Bridge, Mac Os X | 2017-07-29 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges. | |||||
| CVE-2007-0752 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 7.2 HIGH | N/A |
| The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. | |||||
| CVE-2007-0751 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 2.1 LOW | N/A |
| A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. | |||||
| CVE-2007-0750 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 9.3 HIGH | N/A |
| Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file. | |||||
| CVE-2007-0740 | 1 Apple | 1 Mac Os X | 2017-07-29 | 6.8 MEDIUM | N/A |
| Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files. | |||||
| CVE-2007-0736 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 9.3 HIGH | N/A |
| Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. | |||||
| CVE-2007-0734 | 1 Apple | 2 Airport Extreme, Mac Os X | 2017-07-29 | 5.4 MEDIUM | N/A |
| fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. | |||||
| CVE-2007-0733 | 1 Apple | 2 Imageio, Mac Os X | 2017-07-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption. | |||||
| CVE-2007-0731 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. | |||||
| CVE-2007-0730 | 1 Apple | 2 Mac Os X, Server Manager | 2017-07-29 | 6.8 MEDIUM | N/A |
| Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently validate authentication credentials, which allows remote attackers to bypass authentication and modify system configuration. | |||||
| CVE-2007-0728 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files. | |||||
| CVE-2007-0726 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 5.0 MEDIUM | N/A |
| The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys. | |||||