Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192

Vulnerabilities

Page 136 of 157
CVE-2008-0046 | MEDIUM | CVSS 5.0 | CWE-264 | v10.5.2 | 2008-03-18
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.
nvd
CVE-2008-0051 | MEDIUM | CVSS 6.9 | CWE-189 | v10.4.11 | 2008-03-18
Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data.
nvd
CVE-2008-0044 | MEDIUM | CVSS 5.8 | CWE-119 | v10.4.11, v10.5.2 | 2008-03-18
Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL.
nvd
CVE-2008-0048 | MEDIUM | CVSS 6.8 | CWE-119 | v10.4.11 | 2008-03-18
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a long file name to the NSDocument API.
nvd
CVE-2008-0059 | MEDIUM | CVSS 5.8 | CWE-362 | v10.4.11 | 2008-03-18
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
nvd
CVE-2008-0988 | MEDIUM | CVSS 4.3 | CWE-189 | v10.4.11 | 2008-03-18
Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read.
nvd
CVE-2008-0996 | LOW | CVSS 1.7 | CWE-200 | v10.5.2 | 2008-03-18
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials.
nvd
CVE-2008-0049 | LOW | CVSS 1.9 | CWE-264 | v10.4.11 | 2008-03-18
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications.
nvd
CVE-2008-0994 | LOW | CVSS 2.6 | CWE-200 | v10.5.2 | 2008-03-18
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods.
nvd
CVE-2008-0995 | LOW | CVSS 2.6 | CWE-200 | v10.5.2 | 2008-03-18
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods.
nvd
CVE-2008-0888 | CRITICAL | CVSS 9.3 | CWE-119 | fixed in 10.6.3 | 2008-03-17
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
nvd
CVE-2008-0040 | CRITICAL | CVSS 10.0 | CWE-399 | v10.5, v10.5.1 | 2008-02-12
Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to mbuf chains that trigger memory corruption.
nvd
CVE-2008-0042 | MEDIUM | CVSS 6.8 | CWE-94 | v10.4.11, v10.5, +1 more | 2008-02-12
Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes.
nvd
CVE-2008-0041 | MEDIUM | CVSS 5.0 | CWE-200 | v10.5, v10.5.1 | 2008-02-12
Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts www.apple.com "when a website is unblocked," which allows remote attackers to determine when a system is running Parental Controls.
nvd
CVE-2008-0037 | MEDIUM | CVSS 4.3 | CWE-264 | v10.5, v10.5.1 | 2008-02-12
X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle when the "Allow connections from network client" preference is disabled, which allows remote attackers to bypass intended access restrictions and connect to the X server.
nvd
CVE-2008-0038 | LOW | CVSS 1.9 | CWE-264 | v10.5, v10.5.1 | 2008-02-12
Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninstalled application to be launched if it is in a Time Machine backup, which might allow local users to bypass intended security restrictions or exploit vulnerabilities in the application.
nvd
CVE-2007-6427 | CRITICAL | CVSS 9.3 | fixed in 10.4.11; ≥ 10.5.0, < 10.5.2 | 2008-01-18
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
nvd
CVE-2008-0226 | HIGH | CVSS 7.5 | PoC | CWE-119 | v10.5.4 | 2008-01-10
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
nvd
CVE-2007-4710 | CRITICAL | CVSS 9.3 | CWE-399 | v10.4.11 | 2007-12-19
Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption.
nvd
CVE-2007-4708 | CRITICAL | CVSS 9.3 | CWE-134 | v10.4.11 | 2007-12-19
Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
nvd