Filtered by vendor Apple
Subscribe
Total
11236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2389 | 2 Apple, Microsoft | 3 Mac Os X, Quicktime, All Windows | 2017-07-29 | 7.1 HIGH | N/A |
| Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets. | |||||
| CVE-2007-2387 | 1 Apple | 1 Xserve Lights-out Management | 2017-07-29 | 10.0 HIGH | N/A |
| Apple Xserve Lights-Out Management before Firmware Update 1.0 on Intel hardware does not require a password for remote access to IPMI, which allows remote attackers to gain administrative access via unspecified requests with ipmitool. | |||||
| CVE-2007-2386 | 1 Apple | 1 Mac Os X | 2017-07-29 | 9.4 HIGH | N/A |
| Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. | |||||
| CVE-2007-2296 | 1 Apple | 1 Quicktime | 2017-07-29 | 9.3 HIGH | N/A |
| Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file. | |||||
| CVE-2007-2295 | 1 Apple | 1 Quicktime | 2017-07-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other versions before 7.2 allows remote attackers to execute arbitrary code via a crafted H.264 MOV file. | |||||
| CVE-2007-1338 | 1 Apple | 1 Airport Extreme | 2017-07-29 | 7.5 HIGH | N/A |
| The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4. | |||||
| CVE-2007-1279 | 2 Adobe, Apple | 2 Bridge, Mac Os X | 2017-07-29 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges. | |||||
| CVE-2007-0752 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 7.2 HIGH | N/A |
| The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. | |||||
| CVE-2007-0751 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 2.1 LOW | N/A |
| A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. | |||||
| CVE-2007-0750 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 9.3 HIGH | N/A |
| Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file. | |||||
| CVE-2007-0749 | 1 Apple | 2 Darwin Streaming Server, Mac Os X Server | 2017-07-29 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request. | |||||
| CVE-2007-0748 | 1 Apple | 2 Darwin Streaming Server, Mac Os X Server | 2017-07-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request. | |||||
| CVE-2007-0745 | 1 Apple | 1 Mac Os X Server | 2017-07-29 | 7.1 HIGH | N/A |
| The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac OS X Server 10.4.9, which might allow remote authenticated users to access additional directories. | |||||
| CVE-2007-0740 | 1 Apple | 1 Mac Os X | 2017-07-29 | 6.8 MEDIUM | N/A |
| Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files. | |||||
| CVE-2007-0736 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 9.3 HIGH | N/A |
| Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. | |||||
| CVE-2007-0734 | 1 Apple | 2 Airport Extreme, Mac Os X | 2017-07-29 | 5.4 MEDIUM | N/A |
| fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. | |||||
| CVE-2007-0733 | 1 Apple | 2 Imageio, Mac Os X | 2017-07-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption. | |||||
| CVE-2007-0731 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. | |||||
| CVE-2007-0730 | 1 Apple | 2 Mac Os X, Server Manager | 2017-07-29 | 6.8 MEDIUM | N/A |
| Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently validate authentication credentials, which allows remote attackers to bypass authentication and modify system configuration. | |||||
| CVE-2007-0728 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-29 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files. | |||||