CVE-2007-4684
- EPSS 1%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:34
Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call.
CVE-2007-4685
- EPSS 0.34%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:35
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."
CVE-2007-4686
- EPSS 0.37%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:35
Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request.
CVE-2007-4687
- EPSS 1.7%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:35
The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files.
- EPSS 1.85%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:35
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.
- EPSS 7.45%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:35
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets.
- EPSS 3.98%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:35
Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
- EPSS 2.11%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:35
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
CVE-2007-4693
- EPSS 0.39%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:36
The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to "handling of keyboard focus between secure text fi...
CVE-2007-4694
- EPSS 1.54%
- Veröffentlicht 15.11.2007 01:46:00
- Zuletzt bearbeitet 16.06.2026 22:44:36
Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.