Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192
Vulnerabilities
CVE-2008-2309 | MEDIUM | CVSS 6.8 | CWE-264 | v10.4.1, v10.4.2, +13 more | 2008-07-01
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.
nvd
CVE-2008-2314 | MEDIUM | CVSS 4.4 | CWE-264 | v10.4.1, v10.4.2, +13 more | 2008-07-01
Dock in Apple Mac OS X 10.5 before 10.5.4, when Exposé hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors.
nvd
CVE-2008-2310 | MEDIUM | CVSS 6.8 | CWE-134 | ≤ 10.5.3, v10.4.1, +13 more | 2008-07-01
Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.
nvd
CVE-2008-2313 | MEDIUM | CVSS 4.6 | CWE-264 | v10.4.1, v10.4.2, +13 more | 2008-07-01
Apple Mac OS X before 10.5 uses weak permissions for the User Template directory, which allows local users to gain privileges by inserting a Trojan horse file into this directory.
nvd
CVE-2008-2308 | MEDIUM | CVSS 4.6 | CWE-264 | v10.4.1, v10.4.2, +11 more | 2008-07-01
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information.
nvd
CVE-2008-2830 | HIGH | CVSS 7.2 | PoC | CWE-264 | v10.4, v10.5 | 2008-06-23
Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and some other 10.4 and 10.5 versions, does not properly restrict the loading of scripting addition plugins, which allows local users to gain privileges via scripting addition commands to a privileged application, as originally demonstrated by an osascript tell command to ARDAgent.
nvd
CVE-2008-1577 | CRITICAL | CVSS 9.3 | v10.4.11, v10.5, +2 more | 2008-06-02
Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file, related to "multiple memory corruption issues."
nvd
CVE-2008-1031 | CRITICAL | CVSS 9.3 | CWE-119 | v10.4.11, v10.5, +2 more | 2008-06-02
CoreGraphics in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document, related to an uninitialized variable.
nvd
CVE-2008-1030 | CRITICAL | CVSS 10.0 | CWE-20 | v10.4.11, v10.5, +2 more | 2008-06-02
Integer overflow in the CFDataReplaceBytes function in the CFData API in CoreFoundation in Apple Mac OS X before 10.5.3 allows context-dependent attackers to execute arbitrary code or cause a denial of service (crash) via an invalid length argument, which triggers a heap-based buffer overflow.
nvd
CVE-2008-1574 | CRITICAL | CVSS 9.3 | CWE-119 | v10.4.11, v10.5, +2 more | 2008-06-02
Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow.
nvd
CVE-2008-1034 | CRITICAL | CVSS 9.3 | CWE-189 | ≤ 10.4, v10.0, +3 more | 2008-06-02
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow.
nvd
CVE-2008-1028 | CRITICAL | CVSS 9.3 | CWE-20 | v10.4.11 | 2008-06-02
Unspecified vulnerability in AppKit in Apple Mac OS X before 10.5 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document file, as demonstrated by opening the document with TextEdit.
nvd
CVE-2008-1575 | CRITICAL | CVSS 9.3 | CWE-399 | v10.5, v10.5.1, +1 more | 2008-06-02
Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing.
nvd
CVE-2008-1573 | HIGH | CVSS 7.1 | CWE-119 | ≤ 10.5.2, v10.4.11, +2 more | 2008-06-02
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read.
nvd
CVE-2008-1572 | MEDIUM | CVSS 4.6 | CWE-264 | v10.4.11 | 2008-06-02
Image Capture in Apple Mac OS X before 10.5 does not properly use temporary files, which allows local users to overwrite arbitrary files, and display images that are being resized by this application.
nvd
CVE-2008-1579 | MEDIUM | CVSS 5.0 | CWE-200 | v10.4.11, v10.5, +2 more | 2008-06-02
Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog.
nvd
CVE-2008-1032 | MEDIUM | CVSS 6.8 | v10.4.11, v10.5, +2 more | 2008-06-02
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via an (1) Automator, (2) Help, (3) Safari, or (4) Terminal content type for a downloadable object, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4
nvd
CVE-2008-1576 | MEDIUM | CVSS 6.8 | CWE-399 | v10.0, v10.1, +3 more | 2008-06-02
Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information (memory contents) in opportunistic circumstances, by sending an e-mail message.
nvd
CVE-2008-1571 | MEDIUM | CVSS 5.0 | CWE-22 | v10.4.11 | 2008-06-02
Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.
nvd
CVE-2008-1036 | MEDIUM | CVSS 4.3 | CWE-79 | v10.4.11, v10.5, +2 more | 2008-06-02
The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.
nvd