Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2009-2837 6.8
Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
19-09-2017 - 01:29 10-11-2009 - 19:30
CVE-2009-2820 4.3
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTT
19-09-2017 - 01:29 10-11-2009 - 19:30
CVE-2009-2839 6.8
Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Per: http://support.apple.com/kb/HT3937 "This issue does no
19-12-2009 - 06:57 10-11-2009 - 19:30
CVE-2009-2823 4.3
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
24-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2832 5.1
Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a CWD command specifying a pathname in a deeply nested hierarchy of directories, related t
17-11-2009 - 07:03 10-11-2009 - 19:30
CVE-2009-2838 6.8
Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document that triggers a buffer overflow.
17-11-2009 - 07:03 10-11-2009 - 19:30
CVE-2009-2840 4.9
Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors.
17-11-2009 - 07:03 10-11-2009 - 19:30
CVE-2009-2833 7.5
Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Pe
17-11-2009 - 07:03 10-11-2009 - 19:30
CVE-2009-2836 6.2
Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, when at least one account has a blank password, allows attackers to bypass password authentication and obtain login access to an arbitrary account via unspecified vectors. Per:
17-11-2009 - 07:03 10-11-2009 - 19:30
CVE-2009-2835 4.6
The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors.
17-11-2009 - 07:03 10-11-2009 - 19:30
CVE-2009-2819 9.3
AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors. Per: http://support.apple.com/kb/HT3937 "These issues do not affect
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2808 5.4
Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spo
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2829 5.0
Event Monitor in Apple Mac OS X 10.5.8 does not properly handle crafted authentication data sent to an SSH daemon, which allows remote attackers to cause a denial of service via vectors involving processing of XML log documents by other services, rel
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2827 6.8
Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk image. Per: http://support.appl
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2810 6.8
Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trig
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2825 4.3
Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL ser
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2826 6.8
Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow.
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2831 5.8
Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any contents, and thereby execute arbitrary code, via crafted JavaScript, related to a "design issue."
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2830 6.8
Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2818 5.0
Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack). Per: http://suppor
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2824 6.8
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document. Per: http://support.apple.com/kb/HT3937 "These issues do not affect Mac OS
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2828 7.5
The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
17-11-2009 - 07:02 10-11-2009 - 19:30
CVE-2009-2834 4.9
IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors.
17-11-2009 - 05:00 10-11-2009 - 19:30
Back to Top Mark selected
Back to Top