Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x_server
(Apple)| Repositories | https://github.com/apache/httpd |
| #Vulnerabilities | 658 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-09-14 | CVE-2009-2813 | Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. | Mac_os_x, Mac_os_x_server, Fedora, Samba | N/A | ||
| 2009-09-14 | CVE-2009-2812 | Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-09-14 | CVE-2009-2811 | Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-11-10 | CVE-2009-2810 | Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-09-14 | CVE-2009-2809 | ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues." | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-11-10 | CVE-2009-2808 | Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-09-14 | CVE-2009-2807 | Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-09-14 | CVE-2009-2805 | Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-09-14 | CVE-2009-2804 | Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. | Mac_os_x, Mac_os_x_server, Safari | N/A | ||
| 2009-09-14 | CVE-2009-2803 | CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | Mac_os_x, Mac_os_x_server | N/A |