Apple

macOS X Server

655 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2011-3221

  • EPSS 1.77%
  • Veröffentlicht 14.10.2011 10:55:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file.

6.8

CVE-2011-3222

  • EPSS 2.25%
  • Veröffentlicht 14.10.2011 10:55:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

4.4

CVE-2011-0185

  • EPSS 0.06%
  • Veröffentlicht 14.10.2011 10:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file.

6.8

CVE-2011-0224

  • EPSS 1.41%
  • Veröffentlicht 14.10.2011 10:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.

6.8

CVE-2011-0229

  • EPSS 1.86%
  • Veröffentlicht 14.10.2011 10:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

4.3

CVE-2011-3422

  • EPSS 0.38%
  • Veröffentlicht 12.09.2011 12:40:44
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Ext...

2.1

CVE-2011-0197

  • EPSS 0.05%
  • Veröffentlicht 24.06.2011 20:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions.

6.8

CVE-2011-0198

  • EPSS 11.35%
  • Veröffentlicht 24.06.2011 20:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

5.9

CVE-2011-0199

  • EPSS 0.17%
  • Veröffentlicht 24.06.2011 20:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked cer...

6.8

CVE-2011-0200

  • EPSS 2.87%
  • Veröffentlicht 24.06.2011 20:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based b...