Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192
Vulnerabilities
Page 128 of 157
CVE-2009-2836 | MEDIUM | CVSS 6.2 | CWE-362 | affected: 10.6, 10.6.1 | published 2009-11-10
Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, when at least one account has a blank password, allows attackers to bypass password authentication and obtain login access to an arbitrary account via unspecified vectors.
Source: NVD
CVE-2009-2831 | MEDIUM | CVSS 5.8 | affected: 10.5.8 | published 2009-11-10
Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any contents, and thereby execute arbitrary code, via crafted JavaScript, related to a "design issue."
Source: NVD
CVE-2009-2830 | MEDIUM | CVSS 6.8 | affected: 10.6, 10.6.1 | published 2009-11-10
Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file. NOTE: this might overlap CVE-2009-1515.
Source: NVD
CVE-2009-2839 | MEDIUM | CVSS 6.8 | CWE-399 | affected: 10.5.8 | published 2009-11-10
Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
Source: NVD
CVE-2009-2834 | MEDIUM | CVSS 4.9 | CWE-264 | affected: ≤ 10.6.1, 10.0, +57 more | published 2009-11-10
IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors.
Source: NVD
CVE-2009-2826 | MEDIUM | CVSS 6.8 | CWE-189 | affected: 10.5.8 | published 2009-11-10
Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow.
Source: NVD
CVE-2009-3767 | MEDIUM | CVSS 4.3 | fixed in 10.6.2 | published 2009-10-23
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification
Source: NVD
CVE-2009-2807 | HIGH | CVSS 7.2 | CWE-119 | affected: 10.5.8 | published 2009-09-14
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.
Source: NVD
CVE-2009-2803 | MEDIUM | CVSS 6.8 | CWE-399 | affected: 10.4.11, 10.5.8 | published 2009-09-14
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork.
Source: NVD
CVE-2009-2812 | MEDIUM | CVSS 6.8 | affected: 10.5.8 | published 2009-09-14
Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site.
Source: NVD
CVE-2009-2809 | MEDIUM | CVSS 6.8 | CWE-94 | affected: 10.4.11, 10.5.8 | published 2009-09-14
ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues."
Source: NVD
CVE-2009-2811 | MEDIUM | CVSS 6.8 | CWE-94 | affected: 10.5.8 | published 2009-09-14
Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature.
Source: NVD
CVE-2009-2805 | MEDIUM | CVSS 6.8 | CWE-189 | affected: 10.4.11, 10.5.8 | published 2009-09-14
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow.
Source: NVD
CVE-2009-2813 | MEDIUM | CVSS 6.0 | CWE-264 | affected: 10.5.8 | published 2009-09-14
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictio
Source: NVD
CVE-2009-2804 | MEDIUM | CVSS 6.8 | CWE-189 | affected: 10.4.11, 10.5.8 | published 2009-09-14
Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow.
Source: NVD
CVE-2009-2800 | MEDIUM | CVSS 6.8 | CWE-119 | affected: 10.4.11, 10.5.8 | published 2009-09-11
Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file.
Source: NVD
CVE-2009-2205 | MEDIUM | CVSS 6.8 | CWE-119 | affected: 10.5, 10.5.0, +7 more | published 2009-09-09
Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Source: NVD
CVE-2009-3095 | MEDIUM | CVSS 5.0 | fixed in 10.6.3 | published 2009-09-08
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11.
Source: NVD
CVE-2009-2474 | MEDIUM | CVSS 5.8 | fixed in 10.6.5 | published 2009-08-21
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Source: NVD
CVE-2009-2196 | MEDIUM | CVSS 5.0 | affected: 10.4., 10.5.7, +1 more | published 2009-08-12
Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.
Source: NVD