Apple Mac OS X Server vulnerabilities
654 known vulnerabilities affecting apple/mac_os_x_server.
Total CVEs: 654
CISA KEV: 0
Public exploits: 50
Exploited in wild: 0
Severity breakdown: CRITICAL 75, HIGH 157, MEDIUM 363, LOW 59
Vulnerabilities
CVE-2008-0990 | MEDIUM | CVSS 4.4 | CWE-200 | v10.4.11 | 2008-03-18
notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have originated from the kernel, which allows local users to cause a denial of service via spoofed death notifications that prevent other applications from receiving notifications.
nvd
CVE-2008-0057 | MEDIUM | CVSS 6.8 | CWE-189 | v10.4.11 | 2008-03-18
Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allow remote attackers to execute arbitrary code via a crafted serialized property list.
nvd
CVE-2008-0060 | MEDIUM | CVSS 6.8 | CWE-94 | v10.4.11, v10.5.2 | 2008-03-18
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary AppleScript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link.
nvd
CVE-2008-0046 | MEDIUM | CVSS 5.0 | CWE-264 | v10.5.2 | 2008-03-18
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.
nvd
CVE-2008-0051 | MEDIUM | CVSS 6.9 | CWE-189 | v10.4.11 | 2008-03-18
Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data.
nvd
CVE-2008-0044 | MEDIUM | CVSS 5.8 | CWE-119 | v10.4.11, v10.5.2 | 2008-03-18
Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL.
nvd
CVE-2008-0048 | MEDIUM | CVSS 6.8 | CWE-119 | v10.4.11 | 2008-03-18
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a long file name to the NSDocument API.
nvd
CVE-2008-0059 | MEDIUM | CVSS 5.8 | CWE-362 | v10.4.11 | 2008-03-18
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
nvd
CVE-2008-0988 | MEDIUM | CVSS 4.3 | CWE-189 | v10.4.11 | 2008-03-18
Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read.
nvd
CVE-2008-0996 | LOW | CVSS 1.7 | CWE-200 | v10.5.2 | 2008-03-18
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials.
nvd
CVE-2008-0049 | LOW | CVSS 1.9 | CWE-264 | v10.4.11 | 2008-03-18
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication Mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications.
nvd
CVE-2008-0994 | LOW | CVSS 2.6 | CWE-200 | v10.5.2 | 2008-03-18
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods.
nvd
CVE-2008-0995 | LOW | CVSS 2.6 | CWE-200 | v10.5.2 | 2008-03-18
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods.
nvd
CVE-2007-5863 | CRITICAL | CVSS 9.3 | CWE-310 | PoC | v10.5.1 | 2007-12-19
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.
nvd
CVE-2007-5860 | HIGH | CVSS 7.2 | v10.5.1 | 2007-12-19
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
nvd
CVE-2007-6276 | HIGH | CVSS 7.8 | CWE-189 | PoC | v10.5, v10.5.1, +2 more | 2007-12-07
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
nvd
CVE-2007-4691 | CRITICAL | CVSS 10.0 | CWE-264 | v10.3.9, v10.4.1, +9 more | 2007-11-15
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
nvd
CVE-2007-4689 | CRITICAL | CVSS 10.0 | CWE-399 | v10.4.1, v10.4.2, +8 more | 2007-11-15
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPv6 packets.
nvd
CVE-2007-4702 | CRITICAL | CVSS 9.3 | v10.5 | 2007-11-15
The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions.
nvd
CVE-2007-4690 | CRITICAL | CVSS 9.0 | CWE-399 | v10.4.1, v10.4.2, +8 more | 2007-11-15
Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
nvd