Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-0989 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname.
CVE-2008-0988 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read.
CVE-2008-0060 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:run...Show more Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link.Show less
CVE-2008-0059 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
CVE-2008-0058 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent...Show more Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object.Show less
CVE-2008-0056 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileMana...Show more Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager.Show less
CVE-2008-0055 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 7.2 HIGH· v2 Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a...Show more Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges.Show less
CVE-2008-0054 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used.
CVE-2008-0052 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.
CVE-2008-0997 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Des...Show more Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is not properly handled when querying a network printer.Show less
CVE-2008-0057 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list.
CVE-2008-0051 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data.
CVE-2008-0050 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
CVE-2008-0049 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 1.9 LOW· v2 AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via craf...Show more AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications.Show less
CVE-2008-0048 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API.
CVE-2008-0046 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used...Show more The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.Show less
CVE-2008-0045 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 7.1 HIGH· v2 Unspecified vulnerability in AFP Server in Apple Mac OS X 10.4.11 allows remote attackers to bypass cross-realm authentication via unknown manipulations of Kerberos principal realm names.
CVE-2008-0044 1Apple 2Mac Os X Mac Os X Server Apr 23, 2026 Mar 18, 2008 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL.
CVE-2008-0888 4Apple CanonicalDebian+1 more 4Debian Linux Mac Os XUbuntu Linux+1 more May 1, 2025 Mar 17, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via u...Show more The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.Show less
CVE-2008-0042 1Apple 1Mac Os X Apr 23, 2026 Feb 12, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes.

Previous 1...138139140...161 Next