Max CVSS 10.0 Min CVSS 1.7 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-1001 4.3
Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1, when running on Windows XP or Vista, allows remote attackers to inject arbitrary web script or HTML via a crafted URL that is not properly handled in the error page.
30-10-2018 - 16:25 19-03-2008 - 00:44
CVE-2008-0053 10.0
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
29-09-2017 - 01:30 18-03-2008 - 23:44
CVE-2008-0047 9.3
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted sea
29-09-2017 - 01:30 18-03-2008 - 23:44
CVE-2008-1011 4.3
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via a frame that calls a method instance in another frame.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1010 6.8
Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows remote attackers to execute arbitrary code via crafted regular expressions in JavaScript.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1009 4.3
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary JavaScript by modifying the history object.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1008 4.3
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via the document.domain property.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1007 4.3
WebCore, as used in Apple Safari before 3.1, does not enforce the frame navigation policy for Java applets, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1006 4.3
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML by using the window.open function to change the security context of a web page.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1005 2.1
WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate attackers to read the password.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1004 4.3
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the Web Inspector.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1003 4.3
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to sites that set the document.domain property or have the same docume
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1002 4.3
Cross-site scripting (XSS) vulnerability in Apple Safari before 3.1 allows remote attackers to inject arbitrary web script or HTML via a crafted javascript: URL.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-0999 7.1
Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0998 6.9
Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4.11 and 10.5.2 allows local users to bypass authorization and execute arbitrary code via crafted distributed objects.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0997 6.8
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is no
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0996 1.7
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0995 2.6
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0994 2.6
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0992 5.8
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0990 4.4
notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have originated from the kernel, which allows local users to cause a denial of service via spoofed death notifications that prevent other applications from receiving
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0989 6.9
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0987 6.8
Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) im
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0060 6.8
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0059 5.8
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0058 5.8
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0057 6.8
Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list.
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0056 6.8
Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0055 7.2
Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibl
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0054 6.4
Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0052 6.8
CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.
08-08-2017 - 01:29 18-03-2008 - 23:44
CVE-2008-0051 6.9
Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data.
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0050 5.0
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0049 1.9
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged app
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0048 6.8
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API.
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0046 5.0
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to spe
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0045 7.1
Unspecified vulnerability in AFP Server in Apple Mac OS X 10.4.11 allows remote attackers to bypass cross-realm authentication via unknown manipulations of Kerberos principal realm names.
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0044 5.8
Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL.
08-08-2017 - 01:29 18-03-2008 - 22:44
CVE-2008-0993 2.1
Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings.
27-08-2013 - 05:56 18-03-2008 - 23:44
CVE-2008-0988 4.3
Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read.
08-03-2011 - 03:05 18-03-2008 - 23:44
Back to Top Mark selected
Back to Top