Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown
CRITICAL: 302 | HIGH: 1409 | MEDIUM: 1236 | LOW: 192
Vulnerabilities
Page 140 of 157
CVE-2007-2390 | CRITICAL | CVSS 10.0 | v10.3.9, v10.4.9 | 2007-05-24
Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet.
nvd
CVE-2007-0753 | HIGH | CVSS 7.2 | PoC | CWE-134 | v10.3, v10.3.1 +18 more | 2007-05-24
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.
nvd
CVE-2007-0752 | HIGH | CVSS 7.2 | PoC | v10.4.8 | 2007-05-24
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
nvd
CVE-2007-0740 | MEDIUM | CVSS 6.8 | v10.3.9, v10.4.9 | 2007-05-24
Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files.
nvd
CVE-2007-0751 | LOW | CVSS 2.1 | v10.3, v10.3.1 +18 more | 2007-05-24
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
nvd
CVE-2007-0746 | CRITICAL | CVSS 10.0 | v10.3.9, v10.4 +9 more | 2007-04-24
Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference".
nvd
CVE-2007-0735 | CRITICAL | CVSS 9.3 | v10.3.9, v10.4 +9 more | 2007-04-24
Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing d
nvd
CVE-2007-0736 | CRITICAL | CVSS 9.3 | v10.3.9, v10.4 +9 more | 2007-04-24
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.
nvd
CVE-2007-0732 | HIGH | CVSS 7.2 | v10.4, v10.4.1 +8 more | 2007-04-24
Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port."
nvd
CVE-2007-0747 | HIGH | CVSS 7.2 | v10.3.9, v10.4 +9 more | 2007-04-24
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.
nvd
CVE-2007-0725 | HIGH | CVSS 7.2 | v10.3.9, v10.4 +9 more | 2007-04-24
Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands."
nvd
CVE-2007-0741 | HIGH | CVSS 7.5 | v10.3.9, v10.4 +9 more | 2007-04-24
Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets.
nvd
CVE-2007-0729 | HIGH | CVSS 7.2 | CWE-264 | v10.0, v10.0.1 +38 more | 2007-04-24
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.
nvd
CVE-2007-0744 | HIGH | CVSS 7.2 | v10.3.9, v10.4 +9 more | 2007-04-24
SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.
nvd
CVE-2007-0742 | HIGH | CVSS 7.8 | ≤ 10.3.9 | 2007-04-24
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information.
nvd
CVE-2007-0743 | MEDIUM | CVSS 4.9 | v10.3.9, v10.4 +9 more | 2007-04-24
URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username and password credentials for mounting filesystems on SMB servers as command line arguments to the mount_sub command, which may allow local users to obtain sensitive information by listing the process.
nvd
CVE-2007-0739 | MEDIUM | CVSS 4.6 | v10.4, v10.4.1 +8 more | 2007-04-24
The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls.
nvd
CVE-2007-0737 | MEDIUM | CVSS 4.6 | v10.3.9, v10.4 +9 more | 2007-04-24
The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors.
nvd
CVE-2007-0738 | MEDIUM | CVSS 4.6 | v10.4, v10.4.1 +8 more | 2007-04-24
The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication controls.
nvd
CVE-2007-0734 | MEDIUM | CVSS 5.4 | CWE-119 | v10.3.9, v10.4 +9 more | 2007-04-10
fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory co
nvd