Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2009-2833 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application cras...Show more Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.Show less
CVE-2009-2831 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any contents, and thereby execute arbitrary code, via crafted JavaScript, related to a "design issue."
CVE-2009-2830 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a c...Show more Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file. NOTE: this might overlap CVE-2009-1515.Show less
CVE-2009-2828 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVE-2009-2827 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk i...Show more Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk image.Show less
CVE-2009-2826 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based...Show more Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow.Show less
CVE-2009-2825 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attack...Show more Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.Show less
CVE-2009-2824 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document.
CVE-2009-2823 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
CVE-2009-2820 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site s...Show more The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues.Show less
CVE-2009-2819 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors.
CVE-2009-2810 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined...Show more Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message.Show less
CVE-2009-2808 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Nov 10, 2009 N/A· v4 N/A· v3 5.4 MEDIUM· v2 Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby exe...Show more Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response.Show less
CVE-2009-3767 3Apple FedoraprojectOpenldap 3Fedora Mac Os XOpenldap Apr 23, 2026 Oct 23, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certifi...Show more libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.Show less
CVE-2009-2813 3Apple FedoraprojectSamba 4Fedora Mac Os XMac Os X Server+1 more Apr 23, 2026 Sep 14, 2009 N/A· v4 N/A· v3 6.0 MEDIUM· v2 Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems,...Show more Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.Show less
CVE-2009-2812 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Sep 14, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automati...Show more Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site.Show less
CVE-2009-2811 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Sep 14, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning me...Show more Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature.Show less
CVE-2009-2809 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Sep 14, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corr...Show more ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues."Show less
CVE-2009-2807 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Sep 14, 2009 N/A· v4 N/A· v3 7.2 HIGH· v2 Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.
CVE-2009-2805 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Sep 14, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading t...Show more Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow.Show less

Previous 1...130131132...161 Next