Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2007-3749

  • EPSS 0.15%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setui...

7.2

CVE-2007-4267

  • EPSS 0.11%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table.

7.8

CVE-2007-4268

  • EPSS 0.75%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation...

7.2

CVE-2007-4269

  • EPSS 0.11%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflo...

7.1

CVE-2007-4678

  • EPSS 0.52%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted.

2.6

CVE-2007-4679

  • EPSS 0.71%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.

6.8

CVE-2007-4680

  • EPSS 1.07%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack.

6.9

CVE-2007-4681

  • EPSS 0.1%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy.

6.8

CVE-2007-4682

  • EPSS 2.78%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer.

4.6

CVE-2007-4683

  • EPSS 0.05%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory.