Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2010-1637

  • EPSS 0.13%
  • Published 22.06.2010 17:30:01
  • Last modified 11.04.2025 00:51:21

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

6

CVE-2010-0540

  • EPSS 0.4%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for ...

4.3

CVE-2010-0541

  • EPSS 1.42%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.

6.8

CVE-2010-0543

  • EPSS 2.12%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with MPEG2 encoding.

4.4

CVE-2010-0545

  • EPSS 0.07%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, does not set the expected file ownerships during an "Apply to enclosed items" action, which allows local users to bypass intended access restrictions via normal filesyste...

3.3

CVE-2010-0546

  • EPSS 0.03%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder.

4.3

CVE-2010-1373

  • EPSS 0.52%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."

4.3

CVE-2010-1374

  • EPSS 0.8%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation.

7.2

CVE-2010-1375

  • EPSS 0.05%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors.

6.8

CVE-2010-1376

  • EPSS 3.7%
  • Published 17.06.2010 16:30:01
  • Last modified 11.04.2025 00:51:21

Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) afp, (2) cifs...