Apple macOS vulnerabilities

CVE-2011-3463 [HIGH] CWE-287 CVE-2011-3463: WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, whic WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory.

CVE-2011-3453 [HIGH] CWE-189 CVE-2011-3453: Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arb Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via crafted DNS data.

CVE-2011-3457 [HIGH] CWE-119 CVE-2011-3457: The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading L The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading Language (aka GLSL) compilation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted program.

CVE-2011-3458 [MEDIUM] CWE-264 CVE-2011-3458: QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 file.

CVE-2011-3459 [MEDIUM] CWE-189 CVE-2011-3459: Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arb Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie file that triggers a buffer overflow.

CVE-2011-3448 [MEDIUM] CWE-119 CVE-2011-3448: Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to e Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

CVE-2011-3444 [MEDIUM] CWE-310 CVE-2011-3444: Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon fai Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network.

CVE-2011-3449 [MEDIUM] CWE-399 CVE-2011-3449: Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document.

CVE-2011-3447 [MEDIUM] CWE-200 CVE-2011-3447: CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL.

CVE-2011-3462 [MEDIUM] CVE-2011-3462: Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803.

CVE-2011-3450 [MEDIUM] CWE-399 CVE-2011-3450: CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack mem CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL.

CVE-2011-3452 [MEDIUM] CWE-200 CVE-2011-3452: Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across so Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network.

CVE-2011-3919 [HIGH] CWE-787 CVE-2011-3919: Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote at Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CVE-2008-7303 [HIGH] CWE-264 CVE-2008-7303: The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of launchctl to trigger the launchd daemon's execution of a script file, a related issue to CVE-2011-1516.

CVE-2011-1516 [HIGH] CVE-2011-1516: The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through 10.7.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of osascript to send Apple events to the launchd daemon, a related issue to CVE-2008-7303.

CVE-2011-0230 [HIGH] CWE-119 CVE-2011-0230: Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 1 Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

CVE-2011-3213 [HIGH] CWE-264 CVE-2011-3213: The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.50 The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection.

CVE-2011-3223 [MEDIUM] CWE-119 CVE-2011-3223: Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbi Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file.

CVE-2011-3220 [MEDIUM] CWE-200 CVE-2011-3220: QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

CVE-2011-3226 [MEDIUM] CWE-264 CVE-2011-3226: Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote attackers to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account.