Apple : Security Vulnerabilities, CVEs, Published In December 2007 (Code Execution)
Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166.
Max CVSS
10.0
EPSS Score
4.53%
Published
2007-12-04
Updated
2017-08-08
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.
Max CVSS
6.8
EPSS Score
0.45%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.
Max CVSS
9.3
EPSS Score
5.69%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory corruption.
Max CVSS
9.3
EPSS Score
0.45%
Published
2007-12-19
Updated
2017-07-29
Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file.
Max CVSS
8.8
EPSS Score
0.25%
Published
2007-12-19
Updated
2017-07-29
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.
Max CVSS
7.2
EPSS Score
0.10%
Published
2007-12-19
Updated
2018-10-15
Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption.
Max CVSS
9.3
EPSS Score
4.60%
Published
2007-12-19
Updated
2017-07-29
Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
Max CVSS
9.3
EPSS Score
3.86%
Published
2007-12-19
Updated
2017-07-29
Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie.
Max CVSS
9.3
EPSS Score
2.33%
Published
2007-12-15
Updated
2017-07-29
Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.
Max CVSS
6.8
EPSS Score
13.71%
Published
2007-12-15
Updated
2017-07-29
Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.
Max CVSS
6.6
EPSS Score
0.04%
Published
2007-12-19
Updated
2017-09-29
12 vulnerabilities found