Apple Mac OS X Server vulnerabilities
654 known vulnerabilities affecting apple/mac_os_x_server.
Total CVEs: 654
CISA KEV: 0
Public exploits: 50
Exploited in wild: 0
Severity breakdown: CRITICAL 75, HIGH 157, MEDIUM 363, LOW 59
Vulnerabilities
CVE-2008-3647 [CRITICAL] CVSS 9.3 | CWE-119 | v10.4.11, v10.5.5 | 2008-10-10
Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment.
nvd
CVE-2008-4212 [CRITICAL] CVSS 10.0 | CWE-16 | v10.4.11, v10.5.5 | 2008-10-10
Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions.
nvd
CVE-2008-4211 [CRITICAL] CVSS 10.0 | CWE-189 | v10.5.5 | 2008-10-10
Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory acc
nvd
CVE-2008-3643 [HIGH] CVSS 7.8 | v10.5.5 | 2008-10-10
Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue."
nvd
CVE-2008-3645 [HIGH] CVSS 7.2 | CWE-119 | v10.4.11, v10.5.5 | 2008-10-10
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors.
nvd
CVE-2008-4215 [HIGH] CVSS 7.5 | CWE-264 | v10.4.11 | 2008-10-10
Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions.
nvd
CVE-2008-4214 [MEDIUM] CVSS 4.6 | CWE-264 | v10.4.11, v10.5.5 | 2008-10-10
Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files.
nvd
CVE-2008-3638 [CRITICAL] CVSS 9.3 | CWE-94 | v10.5.4, v10.5.5 | 2008-09-26
Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from accessing file:// URLs, which allows remote attackers to execute arbitrary programs.
nvd
CVE-2008-3637 [HIGH] CVSS 8.8 | CWE-665 | v10.4.11, v10.5.4 (+1 more) | 2008-09-26
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."
nvd
CVE-2008-3616 [CRITICAL] CVSS 10.0 | CWE-189 | v10.4.11, v10.5 (+4 more) | 2008-09-16
Multiple integer overflows in the SearchKit API in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via vectors associated with "passing untrusted input" to unspecified API functions.
nvd
CVE-2008-3621 [CRITICAL] CVSS 9.3 | CWE-399 | v10.4.11, v10.5 (+4 more) | 2008-09-16
VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving H.264 encoded media.
nvd
CVE-2008-2305 [CRITICAL] CVSS 9.3 | CWE-119 | v10.4.11, v10.5 (+4 more) | 2008-09-16
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names."
nvd
CVE-2008-3608 [CRITICAL] CVSS 9.3 | CWE-399 | v10.4.11, v10.5 (+4 more) | 2008-09-16
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.
nvd
CVE-2008-2332 [CRITICAL] CVSS 9.3 | CWE-399 | v10.4.11, v10.5 (+4 more) | 2008-09-16
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image.
nvd
CVE-2008-3610 [HIGH] CVSS 7.6 | CWE-287 | v10.5, v10.5.1 (+3 more) | 2008-09-16
Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-password account is enabled, allows attackers to bypass password authentication and login to any account via multiple attempts to login to the blank-password account, followed by selection of an arbitrary account from the user list.
nvd
CVE-2008-3609 [HIGH] CVSS 7.2 | CWE-264 | v10.5, v10.5.1 (+3 more) | 2008-09-16
The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly flush cached credentials during recycling (aka purging) of a vnode, which might allow local users to bypass the intended read or write permissions of a file.
nvd
CVE-2008-2312 [MEDIUM] CVSS 4.9 | CWE-255 | v10.4.11 | 2008-09-16
Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file.
nvd
CVE-2008-2331 [MEDIUM] CVSS 5.0 | CWE-264 | v10.5, v10.5.1 (+3 more) | 2008-09-16
Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might allow local users to leverage weak permissions that were not intended by an administrator.
nvd
CVE-2008-3622 [MEDIUM] CVSS 4.3 | CWE-79 | v10.5, v10.5.1 (+3 more) | 2008-09-16
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection."
nvd
CVE-2008-3617 [MEDIUM] CVSS 5.0 | CWE-255 | v10.5, v10.5.1 (+3 more) | 2008-09-16
Remote Management and Screen Sharing in Apple Mac OS X 10.5 through 10.5.4, when used to set a password for a VNC viewer, displays additional input characters beyond the maximum password length, which might make it easier for attackers to guess passwords that the user believed were longer.
nvd