Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-3507 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Sep 21, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network.
CVE-2006-4887 1Apple 2Apple Remote Desktop Mac Os X Apr 16, 2026 Sep 19, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by sele...Show more Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.Show less
CVE-2006-4866 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Sep 19, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
CVE-2006-4095 3Apple CanonicalIsc 4Bind Mac Os XMac Os X Server+1 more Apr 16, 2026 Sep 6, 2006 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
CVE-2006-3506 1Apple 3Mac Os X Mac Os X ServerXsan Apr 16, 2026 Aug 21, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name."
CVE-2006-0395 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 5, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file...Show more The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types.Show less
CVE-2006-3505 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has alre...Show more WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated.Show less
CVE-2006-3504 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloadi...Show more The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.Show less
CVE-2006-3503 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image.
CVE-2006-3502 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocat...Show more Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.Show less
CVE-2006-3501 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image.
CVE-2006-3500 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path v...Show more The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability.Show less
CVE-2006-3499 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 2.1 LOW· v2 The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications.
CVE-2006-0393 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 4.0 MEDIUM· v2 OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine account existence by attempting to log in using an invalid user, which causes the server to hang.
CVE-2006-0392 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 3, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image.
CVE-2006-3498 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 2, 2006 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request.
CVE-2006-3497 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 2, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary cod...Show more Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.Show less
CVE-2006-3496 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 2, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition.
CVE-2006-3495 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 2, 2006 N/A· v4 N/A· v3 2.1 LOW· v2 AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users.
CVE-2006-1473 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Aug 2, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors.

Previous 1...147148149...161 Next