Apple : Security Vulnerabilities, CVEs, Published In December 2007 (Denial of service)
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.
Max CVSS
4.9
EPSS Score
0.05%
Published
2007-12-15
Updated
2017-08-08
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
Max CVSS
7.8
EPSS Score
20.41%
Published
2007-12-07
Updated
2017-09-29
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-12-06
Updated
2017-08-08
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.
Max CVSS
6.8
EPSS Score
0.38%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.
Max CVSS
9.3
EPSS Score
5.69%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory corruption.
Max CVSS
9.3
EPSS Score
0.38%
Published
2007-12-19
Updated
2017-07-29
Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption.
Max CVSS
9.3
EPSS Score
4.60%
Published
2007-12-19
Updated
2017-07-29
7 vulnerabilities found