Apple

macOS X Server

655 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2007-2399

  • EPSS 15.25%
  • Published 25.06.2007 19:30:00
  • Last modified 09.04.2025 00:30:58

WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.

4.3

CVE-2007-2401

  • EPSS 3.18%
  • Published 25.06.2007 19:30:00
  • Last modified 09.04.2025 00:30:58

CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializ...

9.3

CVE-2007-0750

  • EPSS 5.53%
  • Published 24.05.2007 22:30:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file.

2.1

CVE-2007-0751

  • EPSS 0.07%
  • Published 24.05.2007 22:30:00
  • Last modified 09.04.2025 00:30:58

A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.

7.2

CVE-2007-0752

  • EPSS 0.23%
  • Published 24.05.2007 22:30:00
  • Last modified 09.04.2025 00:30:58

The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.

7.2

CVE-2007-0753

  • EPSS 0.41%
  • Published 24.05.2007 22:30:00
  • Last modified 09.04.2025 00:30:58

Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.

7.1

CVE-2007-0745

  • EPSS 0.2%
  • Published 02.05.2007 21:19:00
  • Last modified 09.04.2025 00:30:58

The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac OS X Server 10.4.9, which might allow remote authenticated users to access additional directories.

9.3

CVE-2007-0735

  • EPSS 1.48%
  • Published 24.04.2007 17:19:00
  • Last modified 09.04.2025 00:30:58

Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigg...

9.3

CVE-2007-0736

  • EPSS 18.67%
  • Published 24.04.2007 17:19:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.

7.2

CVE-2007-0744

  • EPSS 0.07%
  • Published 24.04.2007 17:19:00
  • Last modified 09.04.2025 00:30:58

SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.