Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192

Vulnerabilities

CVE-2007-5856 | CRITICAL | CVSS 9.4 | v10.5.1 | 2007-12-19
CWE-16. Quick Look in Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.
nvd
CVE-2007-5853 | CRITICAL | CVSS 9.3 | v10.4.11 | 2007-12-19
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory corruption.
nvd
CVE-2007-5863 | CRITICAL | CVSS 9.3 | PoC | v10.5.1 | 2007-12-19
CWE-310. Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.
nvd
CVE-2007-5860 | HIGH | CVSS 7.2 | v10.5.1 | 2007-12-19
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
nvd
CVE-2007-5850 | HIGH | CVSS 8.8 | v10.4.11 | 2007-12-19
CWE-119. Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file.
nvd
CVE-2007-5848 | HIGH | CVSS 7.2 | v10.4.11 | 2007-12-19
CWE-119. Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.
nvd
CVE-2007-4709 | HIGH | CVSS 8.8 | v10.5.1 | 2007-12-19
CWE-22. Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5.1 allows remote attackers to overwrite arbitrary files via a crafted HTTP response.
nvd
CVE-2007-5847 | MEDIUM | CVSS 6.6 | v10.4.11 | 2007-12-19
CWE-362. Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information.
nvd
CVE-2007-3876 | MEDIUM | CVSS 6.6 | PoC | v10.4.11 | 2007-12-19
CWE-119. Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.
nvd
CVE-2007-5855 | MEDIUM | CVSS 6.4 | v10.4.11, v10.5.1 | 2007-12-19
CWE-287. Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote attackers to sniff account activity.
nvd
CVE-2007-5861 | MEDIUM | CVSS 6.8 | v10.4.11 | 2007-12-19
CWE-399. Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.
nvd
CVE-2007-5857 | MEDIUM | CVSS 6.4 | v10.5.1 | 2007-12-19
CWE-264. Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive information via HREFTrack.
nvd
CVE-2007-5854 | MEDIUM | CVSS 4.3 | v10.4.11, v10.5.1 | 2007-12-19
CWE-79. Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, which allows attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via a crafted HTML file.
nvd
CVE-2007-5851 | LOW | CVSS 3.6 | v10.4.11 | 2007-12-19
CWE-264. iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.
nvd
CVE-2007-5862 | CRITICAL | CVSS 9.4 | v10.4, v10.4.1 +10 more | 2007-12-18
CWE-287. Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.
nvd
CVE-2007-6359 | MEDIUM | CVSS 4.9 | PoC | v10.5.1 | 2007-12-15
CWE-189. The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.
nvd
CVE-2007-6276 | HIGH | CVSS 7.8 | PoC | v10.5, v10.5.1 +2 more | 2007-12-07
CWE-189. The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
nvd
CVE-2007-6261 | MEDIUM | CVSS 4.9 | PoC | v10.4, v10.5.1 | 2007-12-06
CWE-189. Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
nvd
CVE-2007-6165 | CRITICAL | CVSS 9.3 | PoC | v10.5 | 2007-11-29
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.
nvd
CVE-2007-4691 | CRITICAL | CVSS 10.0 | v10.3.9, v10.4.1 +9 more | 2007-11-15
CWE-264. The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
nvd