Apple

macOS X Server

655 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2007-4701

  • EPSS 0.07%
  • Published 15.11.2007 02:46:00
  • Last modified 09.04.2025 00:30:58

WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporary files securely when Safari is previewing a PDF file, which allows local users to read the contents of that file.

7.2

CVE-2007-4269

  • EPSS 0.11%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflo...

7.1

CVE-2007-4678

  • EPSS 0.52%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted.

7.2

CVE-2007-4685

  • EPSS 0.05%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."

7.2

CVE-2007-4686

  • EPSS 0.09%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request.

9.3

CVE-2007-4687

  • EPSS 0.39%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files.

5

CVE-2007-4688

  • EPSS 0.45%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.

10

CVE-2007-4689

  • EPSS 6.35%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets.

9

CVE-2007-4690

  • EPSS 2.23%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.

10

CVE-2007-4691

  • EPSS 0.52%
  • Published 15.11.2007 01:46:00
  • Last modified 09.04.2025 00:30:58

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.