Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x_server
(Apple)Repositories | https://github.com/apache/httpd |
#Vulnerabilities | 664 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2014-09-19 | CVE-2014-1391 | QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding. | Mac_os_x, Mac_os_x_server | N/A | ||
2014-07-01 | CVE-2014-1371 | Array index error in Dock in Apple OS X before 10.9.4 allows attackers to execute arbitrary code or cause a denial of service (incorrect function-pointer dereference and application crash) by leveraging access to a sandboxed application for sending a message. | Mac_os_x, Mac_os_x_server | N/A | ||
2014-07-01 | CVE-2014-1370 | The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive. | Mac_os_x, Mac_os_x_server | N/A | ||
2014-04-23 | CVE-2014-1296 | CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction. | Iphone_os, Mac_os_x, Mac_os_x_server, Tvos | N/A | ||
2014-02-27 | CVE-2014-1270 | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. | Mac_os_x, Mac_os_x_server, Safari, Webkit | N/A | ||
2014-02-27 | CVE-2014-1269 | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. | Mac_os_x, Mac_os_x_server, Safari, Webkit | N/A | ||
2014-02-27 | CVE-2014-1268 | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. | Mac_os_x, Mac_os_x_server, Safari, Webkit | N/A | ||
2014-02-27 | CVE-2014-1265 | The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock. | Mac_os_x, Mac_os_x_server | N/A | ||
2014-02-27 | CVE-2014-1259 | Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename. | Mac_os_x, Mac_os_x_server | N/A | ||
2014-02-27 | CVE-2014-1256 | Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | Mac_os_x, Mac_os_x_server | N/A |