Apple : Security Vulnerabilities, CVEs, Published In July 2008 (Denial of service)
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.
Max CVSS
8.8
EPSS Score
3.78%
Published
2008-07-18
Updated
2024-02-08
WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590.
Max CVSS
9.3
EPSS Score
78.00%
Published
2008-07-14
Updated
2022-08-09
Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.
Max CVSS
6.8
EPSS Score
0.28%
Published
2008-07-01
Updated
2017-08-08
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information.
Max CVSS
4.6
EPSS Score
0.04%
Published
2008-07-01
Updated
2017-08-08
Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters.
Max CVSS
6.8
EPSS Score
0.37%
Published
2008-07-14
Updated
2018-10-11
Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an out-of-bounds access, a different vulnerability than CVE-2008-2307.
Max CVSS
10.0
EPSS Score
18.33%
Published
2008-07-14
Updated
2022-08-09
6 vulnerabilities found