Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2830 | 1 Apple | 1 Mac Os X | 2017-08-08 | 7.2 HIGH | N/A |
| Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and some other 10.4 and 10.5 versions, does not properly restrict the loading of scripting addition plugins, which allows local users to gain privileges via scripting addition commands to a privileged application, as originally demonstrated by an osascript tell command to ARDAgent. | |||||
| CVE-2008-2321 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2017-08-08 | 9.3 HIGH | N/A |
| Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments." | |||||
| CVE-2008-2305 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names." | |||||
| CVE-2008-1517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 7.2 HIGH | N/A |
| Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (system shutdown) via unspecified vectors related to workqueues. | |||||
| CVE-2008-2308 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information. | |||||
| CVE-2008-1575 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing. | |||||
| CVE-2008-2311 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 7.6 HIGH | N/A |
| Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file. | |||||
| CVE-2008-1577 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file, related to "multiple memory corruption issues." | |||||
| CVE-2008-2331 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 5.0 MEDIUM | N/A |
| Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might allow local users to leverage weak permissions that were not intended by an administrator. | |||||
| CVE-2008-1574 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 9.3 HIGH | N/A |
| Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow. | |||||
| CVE-2008-2322 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2017-08-08 | 9.3 HIGH | N/A |
| Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow. | |||||
| CVE-2008-1701 | 2 Apple, Novell | 2 Mac Os X, Iprint | 2017-08-08 | 5.0 MEDIUM | N/A |
| Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request. | |||||
| CVE-2008-1580 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2017-08-08 | 4.3 MEDIUM | N/A |
| CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifiable certificates, and use arbitrary certificates to track user activities across domains, a related issue to CVE-2007-4879. | |||||
| CVE-2008-2310 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 6.8 MEDIUM | N/A |
| Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code. | |||||
| CVE-2008-1579 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 5.0 MEDIUM | N/A |
| Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. | |||||
| CVE-2008-1576 | 1 Apple | 1 Mac Os X | 2017-08-08 | 6.8 MEDIUM | N/A |
| Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information (memory contents) in opportunistic circumstances, by sending an e-mail message. | |||||
| CVE-2008-2312 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 4.9 MEDIUM | N/A |
| Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file. | |||||
| CVE-2008-1578 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 2.1 LOW | N/A |
| The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process. | |||||
| CVE-2008-1573 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 7.1 HIGH | N/A |
| The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read. | |||||
| CVE-2008-2324 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 4.6 MEDIUM | N/A |
| The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs. | |||||