Apple : Security Vulnerabilities, CVEs, Published In 2006 (Overflow) CVSS score >= 7
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
Max CVSS
9.0
EPSS Score
2.29%
Published
2006-12-20
Updated
2018-10-17
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2006-11-30
Updated
2017-07-29
The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
12.18%
Published
2006-11-04
Updated
2017-07-20
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
7.5
EPSS Score
7.36%
Published
2006-11-30
Updated
2017-07-20
WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag.
Max CVSS
7.5
EPSS Score
2.59%
Published
2006-07-31
Updated
2017-07-20
Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.
Max CVSS
7.2
EPSS Score
0.13%
Published
2006-09-21
Updated
2011-03-08
Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.
Max CVSS
7.2
EPSS Score
0.13%
Published
2006-09-21
Updated
2011-03-08
Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request.
Max CVSS
10.0
EPSS Score
5.33%
Published
2006-08-02
Updated
2017-07-20
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue.
Max CVSS
7.5
EPSS Score
76.92%
Published
2006-05-12
Updated
2017-07-20
Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images.
Max CVSS
7.5
EPSS Score
41.00%
Published
2006-04-21
Updated
2011-03-07
Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image.
Max CVSS
7.5
EPSS Score
1.60%
Published
2006-06-27
Updated
2017-07-20
Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging.
Max CVSS
7.5
EPSS Score
5.33%
Published
2006-05-12
Updated
2017-07-20
Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment.
Max CVSS
7.5
EPSS Score
6.94%
Published
2006-05-12
Updated
2017-07-20
Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding.
Max CVSS
7.5
EPSS Score
6.94%
Published
2006-05-12
Updated
2017-07-20
14 vulnerabilities found