Apple macOS vulnerabilities
3,139 known vulnerabilities affecting apple/mac_os_x.
Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192
Vulnerabilities
CVE-2006-4398 | HIGH | CVSS 7.2 | v10.4.1, v10.4.2, +6 more | 2006-11-30
Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests.
nvd
CVE-2006-4406 | HIGH | CVSS 7.5 | v10.3, v10.3.1, +15 more | 2006-11-30
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2006-4396 | MEDIUM | CVSS 4.6 | ≤ 10.4.8 | 2006-11-30
The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack.
nvd
CVE-2006-4408 | MEDIUM | CVSS 5.0 | v10.4, v10.4.1, +7 more | 2006-11-30
The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a denial of service (resource consumption) via certain public key values in an X.509 certificate that requires extra resources during signature verification. NOTE: this issue may be similar to CVE-2006-2940.
nvd
CVE-2006-4403 | MEDIUM | CVSS 4.0 | ≤ 10.4.8 | 2006-11-30
The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames.
nvd
CVE-2006-4402 | MEDIUM | CVSS 5.1 | ≤ 10.4.8 | 2006-11-30
Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files.
nvd
CVE-2006-4409 | MEDIUM | CVSS 5.0 | v10.4, v10.4.1, +7 more | 2006-11-30
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 does not retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
nvd
CVE-2006-4400 | MEDIUM | CVSS 5.1 | ≤ 10.4.8 | 2006-11-30
Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allows user-assisted attackers to execute arbitrary code via crafted font files.
nvd
CVE-2006-4401 | MEDIUM | CVSS 5.1 | ≤ 10.4.8 | 2006-11-30
Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI.
nvd
CVE-2006-4412 | MEDIUM | CVSS 6.8 | v10.3, v10.3.1, +17 more | 2006-11-30
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects.
nvd
CVE-2006-4407 | MEDIUM | CVSS 5.0 | v10.3, v10.3.1, +7 more | 2006-11-30
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to use a weaker cipher that makes it easier for remote attackers to decrypt traffic.
nvd
CVE-2006-6129 | MEDIUM | CVSS 4.6 | PoC | v10.4.8 | 2006-11-27
Integer overflow in the fatfile_getarch2 function in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
nvd
CVE-2006-6127 | LOW | CVSS 2.1 | v10.4.8 | 2006-11-27
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.
nvd
CVE-2006-6126 | LOW | CVSS 2.1 | v10.4.8 | 2006-11-27
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
nvd
CVE-2006-6061 | CRITICAL | CVSS 9.3 | v10.4.8 | 2006-11-22
com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fau
nvd
CVE-2006-6062 | MEDIUM | CVSS 5.1 | PoC | v10.4.8 | 2006-11-22
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.
nvd
CVE-2006-6015 | MEDIUM | CVSS 5.0 | PoC | v10.4 | 2006-11-21
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression.
nvd
CVE-2006-5710 | HIGH | CVSS 7.5 | CWE-119 | PoC | v10.4.8 | 2006-11-04
The Airport driver for certain Orinoco-based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which triggers a heap-based buffer overflow.
nvd
CVE-2006-4392 | HIGH | CVSS 7.2 | PoC | v10.4, v10.4.1, +6 more | 2006-10-03
The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-contr
nvd
CVE-2006-4394 | HIGH | CVSS 7.5 | v10.4, v10.4.1, +6 more | 2006-10-03
A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 allows network accounts without GUIDs to bypass service access controls and log into the system using loginwindow via unknown vectors.
nvd