| Max CVSS | 9.4 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-5863 | 9.3 |
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" op
|
15-10-2018 - 21:46 | 19-12-2007 - 21:46 | |
| CVE-2007-3876 | 6.6 |
Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.
|
29-09-2017 - 01:29 | 19-12-2007 - 21:46 | |
| CVE-2007-5857 | 6.4 |
Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive information via HREFTrack.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-5853 | 9.3 |
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-5847 | 6.6 |
Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-5850 | 8.8 |
Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-5854 | 4.3 |
Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, which allows attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via a crafted HTML file.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-5860 | 7.2 |
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-4710 | 9.3 |
Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-5856 | 9.4 |
Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-5861 | 6.8 |
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-4709 | 8.8 |
Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5.1 allows remote attackers to overwrite arbitrary files via a crafted HTTP response.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-4708 | 9.3 |
Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
|
29-07-2017 - 01:33 | 19-12-2007 - 21:46 | |
| CVE-2007-6165 | 9.3 |
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate
|
06-10-2011 - 04:00 | 29-11-2007 - 01:46 |