| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-1035 | 4.3 |
Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, whic
|
11-10-2018 - 20:29 | 03-06-2008 - 20:32 | |
| CVE-2008-1036 | 4.3 |
The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow re
|
29-09-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1575 | 9.3 |
Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that oc
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1579 | 5.0 |
Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog.
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1573 | 7.1 |
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read.
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1572 | 4.6 |
Image Capture in Apple Mac OS X before 10.5 does not properly use temporary files, which allows local users to overwrite arbitrary files, and display images that are being resized by this application.
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1580 | 4.3 |
CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifi
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1578 | 2.1 |
The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process.
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1576 | 6.8 |
Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1574 | 9.3 |
Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow.
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1571 | 5.0 |
Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1577 | 9.3 |
Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file, related to "multiple memo
|
08-08-2017 - 01:30 | 02-06-2008 - 21:30 | |
| CVE-2008-1028 | 9.3 |
Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document file, as demonstrated by opening the document wi
|
08-08-2017 - 01:29 | 02-06-2008 - 21:30 | |
| CVE-2008-1027 | 4.3 |
Apple Filing Protocol (AFP) Server in Apple Mac OS X before 10.5.3 does not verify that requested files and directories are inside shared folders, which allows remote attackers to read arbitrary files via unspecified AFP traffic.
|
08-08-2017 - 01:29 | 02-06-2008 - 21:30 | |
| CVE-2008-1033 | 2.1 |
The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to "authentication environmen
|
08-08-2017 - 01:29 | 02-06-2008 - 21:30 | |
| CVE-2008-1031 | 9.3 |
CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document, related to an uninitialized variable.
|
08-08-2017 - 01:29 | 02-06-2008 - 21:30 | |
| CVE-2008-1034 | 9.3 |
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow.
|
08-08-2017 - 01:29 | 02-06-2008 - 21:30 | |
| CVE-2008-1030 | 10.0 |
Integer overflow in the CFDataReplaceBytes function in the CFData API in CoreFoundation in Apple Mac OS X before 10.5.3 allows context-dependent attackers to execute arbitrary code or cause a denial of service (crash) via an invalid length argument,
|
08-08-2017 - 01:29 | 02-06-2008 - 21:30 | |
| CVE-2008-1032 | 6.8 |
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via an (1) Automator, (2) Help, (3) Safari, or (4) Terminal content type for a downloadable object, which
|
08-08-2017 - 01:29 | 02-06-2008 - 21:30 |