Product:

Mac_os_x_server

(Apple)
Repositories https://github.com/apache/httpd
#Vulnerabilities 664
Date Id Summary Products Score Patch Annotated
2011-10-14 CVE-2011-3228 QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3227 libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-mail message. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3226 Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote attackers to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3225 The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3224 The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3223 Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3222 Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3221 QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3220 QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. Mac_os_x, Mac_os_x_server N/A
2011-10-14 CVE-2011-3218 The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document. Mac_os_x, Mac_os_x_server N/A