Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x_server
(Apple)| Repositories | https://github.com/apache/httpd |
| #Vulnerabilities | 664 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-12-17 | CVE-2008-4222 | natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-12-17 | CVE-2008-4221 | The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string, related to improper memory allocation. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-12-17 | CVE-2008-4220 | Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the WLB-2008080064 advisory published by SecurityReason on 20080822; however, as of 20081216, there are insufficient details to be sure. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-12-17 | CVE-2008-4219 | The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-12-17 | CVE-2008-4218 | Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-12-17 | CVE-2008-4217 | Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-10-10 | CVE-2008-4215 | Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions. | Mac_os_x_server | N/A | ||
| 2008-10-10 | CVE-2008-4214 | Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-10-10 | CVE-2008-4212 | Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions. | Mac_os_x, Mac_os_x_server | N/A | ||
| 2008-10-10 | CVE-2008-3647 | Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment. | Mac_os_x, Mac_os_x_server | N/A |