Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
Max CVSS
4.3
EPSS Score
0.40%
Published
2007-12-28
Updated
2018-10-15
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.
Max CVSS
4.9
EPSS Score
0.05%
Published
2007-12-15
Updated
2017-08-08
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
Max CVSS
7.8
EPSS Score
20.41%
Published
2007-12-07
Updated
2017-09-29
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-12-06
Updated
2017-08-08
Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166.
Max CVSS
10.0
EPSS Score
4.53%
Published
2007-12-04
Updated
2017-08-08

CVE-2007-6166

Public exploit
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Max CVSS
9.3
EPSS Score
97.02%
Published
2007-11-29
Updated
2018-10-30

CVE-2007-6165

Public exploit
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.
Max CVSS
9.3
EPSS Score
13.93%
Published
2007-11-29
Updated
2011-10-06

CVE-2007-5863

Public exploit
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.
Max CVSS
9.3
EPSS Score
91.79%
Published
2007-12-19
Updated
2018-10-15
Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.
Max CVSS
9.4
EPSS Score
2.09%
Published
2007-12-18
Updated
2011-03-08
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.
Max CVSS
6.8
EPSS Score
0.38%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.
Max CVSS
9.3
EPSS Score
5.69%
Published
2007-12-19
Updated
2017-07-29
WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information.
Max CVSS
4.3
EPSS Score
0.49%
Published
2007-12-19
Updated
2022-08-09
Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive information via HREFTrack.
Max CVSS
6.4
EPSS Score
0.74%
Published
2007-12-19
Updated
2017-07-29
Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.
Max CVSS
9.4
EPSS Score
0.74%
Published
2007-12-19
Updated
2017-07-29
Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote attackers to sniff account activity.
Max CVSS
6.4
EPSS Score
0.74%
Published
2007-12-19
Updated
2017-07-29
Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, which allows attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via a crafted HTML file.
Max CVSS
4.3
EPSS Score
0.28%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory corruption.
Max CVSS
9.3
EPSS Score
0.38%
Published
2007-12-19
Updated
2017-07-29
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.
Max CVSS
3.6
EPSS Score
0.49%
Published
2007-12-19
Updated
2017-07-29
Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file.
Max CVSS
8.8
EPSS Score
0.20%
Published
2007-12-19
Updated
2017-07-29
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.
Max CVSS
7.2
EPSS Score
0.10%
Published
2007-12-19
Updated
2018-10-15
Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information.
Max CVSS
6.6
EPSS Score
0.04%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file.
Max CVSS
9.3
EPSS Score
0.54%
Published
2007-10-14
Updated
2022-08-09
Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the Firefox "-chrome" argument. NOTE: this is a related issue to CVE-2006-4965 and the result of an incomplete fix for CVE-2007-3670.
Max CVSS
9.3
EPSS Score
1.93%
Published
2007-09-24
Updated
2018-10-15
Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method.
Max CVSS
5.0
EPSS Score
2.44%
Published
2007-09-11
Updated
2018-10-15
215 vulnerabilities found
1 2 3 4 5 6 7 8 9
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!