Page 220 of 2413 results (0.018 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

12 May 2006 — Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

12 May 2006 — Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 8.8EPSS: 11%CPEs: 2EXPL: 0

12 May 2006 — Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

12 May 2006 — MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

12 May 2006 — BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 9.8EPSS: 9%CPEs: 4EXPL: 0

12 May 2006 — Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 7.8EPSS: 4%CPEs: 4EXPL: 0

12 May 2006 — QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0

12 May 2006 — The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 0

12 May 2006 — Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling." • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

12 May 2006 — Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •