Apple macOS vulnerabilities

CVE-2011-3217 [MEDIUM] CWE-119 CVE-2011-3217: MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image.

CVE-2011-3436 [MEDIUM] CWE-264 CVE-2011-3436: Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current p Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation.

CVE-2011-0231 [MEDIUM] CWE-200 CVE-2011-0231: CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."

CVE-2011-3222 [MEDIUM] CWE-119 CVE-2011-3222: Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbi Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

CVE-2011-3225 [MEDIUM] CWE-264 CVE-2011-3225: The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account.

CVE-2011-3228 [MEDIUM] CWE-94 CVE-2011-3228: QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.

CVE-2011-0229 [MEDIUM] CWE-119 CVE-2011-0229: Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

CVE-2011-3221 [MEDIUM] CWE-94 CVE-2011-3221: QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file.

CVE-2011-3227 [MEDIUM] CWE-20 CVE-2011-3227: libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a n libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-mail message.

CVE-2011-3214 [MEDIUM] CWE-264 CVE-2011-3214: IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in displa IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors.

CVE-2011-3246 [MEDIUM] CWE-200 CVE-2011-3246: CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, wh CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies to unintended web sites, via a crafted (1) http or (2) https URL.

CVE-2011-3437 [MEDIUM] CWE-189 CVE-2011-3437: Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows re Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document.

CVE-2011-0224 [MEDIUM] CWE-94 CVE-2011-0224: CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or caus CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.

CVE-2011-0260 [MEDIUM] CWE-264 CVE-2011-0260: The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does not prevent a system window fr The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does not prevent a system window from receiving keystrokes in the locked-screen state, which might allow physically proximate attackers to bypass intended access restrictions by typing into this window.

CVE-2011-0185 [MEDIUM] CWE-134 CVE-2011-0185: Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X b Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file.

CVE-2011-3215 [LOW] CWE-264 CVE-2011-3215: The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.

CVE-2011-3218 [LOW] CWE-79 CVE-2011-3218: The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML docum The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.

CVE-2011-3212 [LOW] CWE-310 CVE-2011-3212: CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted dur CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.

CVE-2011-3216 [LOW] CWE-264 CVE-2011-3216: The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directorie The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.

CVE-2011-3435 [LOW] CWE-255 CVE-2011-3435: Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors.