CVSS: 7.8EPSS: 8%CPEs: 4EXPL: 0CVE-2006-1455
https://notcve.org/view.php?id=CVE-2006-1455
QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016070 http://www.osvdb.org/25599 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26423 •
CVSS: 7.5EPSS: 9%CPEs: 4EXPL: 0CVE-2006-1456
https://notcve.org/view.php?id=CVE-2006-1456
Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016070 http://www.osvdb.org/25600 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26424 •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1457
https://notcve.org/view.php?id=CVE-2006-1457
Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016069 http://www.kb.cert.org/vuls/id/519473 http://www.osvdb.org/25598 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26427 •
CVSS: 5.0EPSS: 10%CPEs: 32EXPL: 1CVE-2006-1984
https://notcve.org/view.php?id=CVE-2006-1984
Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x29-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1452 http://www.vupen. •
CVSS: 5.1EPSS: 2%CPEs: 38EXPL: 1CVE-2006-1985 – Apple Mac OSX 10.x - '.zip' 'BOMStackPop()' Overflow
https://notcve.org/view.php?id=CVE-2006-1985
Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. • https://www.exploit-db.com/exploits/27715 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://securitytracker.com/id?1016082 http://www.osvdb.org/24819 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x25-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •