Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x_server
(Apple)| Repositories | https://github.com/apache/httpd |
| #Vulnerabilities | 658 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-05-13 | CVE-2009-0943 | Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0942 | Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0161 | The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 misinterprets an unspecified invalid response as a successful OCSP certificate validation, which might allow remote attackers to spoof certificate authentication via a revoked certificate. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0160 | QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image that triggers memory corruption. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0158 | Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long hostname for a telnet server. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0157 | Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0156 | Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service (persistent Finder crash) via a crafted Mach-O executable that triggers an out-of-bounds memory read. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0155 | Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0154 | Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2009-05-13 | CVE-2009-0153 | International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | Mac_os_x, Mac_os_x_server | N/A |