10.4.4 : Security Vulnerabilities Published In 2006 (Overflow)

Cpe Name:cpe:/o:apple:mac_os_x:10.4.4

2006 : January February March April May June July August September October November December

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : Cve Number Descending Cve Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results Select Table

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2006-6652		Exec Code Overflow	2006-12-19	2008-09-05	9.0	Admin	Remote	Low	Single system	Complete	Complete	Complete
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
2	CVE-2006-4866		Exec Code Overflow	2006-09-19	2008-09-05	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
3	CVE-2006-4406		Exec Code Overflow	2006-11-30	2008-09-05	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
4	CVE-2006-4398		Exec Code Overflow	2006-11-30	2008-09-05	7.2	Admin	Local	Low	Not required	Complete	Complete	Complete
Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests.
5	CVE-2006-4391		Exec Code Overflow	2006-10-03	2008-09-05	5.1	User	Remote	High	Not required	Partial	Partial	Partial
Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to execute arbitrary code via a malformed JPEG2000 image.
6	CVE-2006-3946	119	DoS Exec Code Overflow	2006-07-31	2011-06-20	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag.
7	CVE-2006-1985	119	Exec Code Overflow	2006-04-21	2011-10-18	5.1	User	Remote	High	Not required	Partial	Partial	Partial
Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function.
8	CVE-2006-1983		DoS Exec Code Overflow	2006-04-21	2008-09-10	6.4	None	Remote	Low	Not required	None	Partial	Partial
Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.
9	CVE-2006-1982		Exec Code Overflow	2006-04-21	2008-09-05	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images.
10	CVE-2006-1552	189	DoS Overflow	2006-03-31	2011-10-17	5.0	None	Remote	Low	Not required	None	None	Partial
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom".
11	CVE-2006-1469		DoS Exec Code Overflow	2006-06-27	2008-09-05	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image.
12	CVE-2006-1452		Exec Code Overflow	2006-05-12	2008-09-05	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy.
13	CVE-2006-1220		Exec Code Overflow	2006-03-13	2008-09-05	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow.
14	CVE-2006-0396		Exec Code Overflow	2006-03-14	2008-09-05	5.1	User	Remote	High	Not required	Partial	Partial	Partial
Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment.
15	CVE-2006-0387		Exec Code Overflow	2006-03-06	2008-09-05	6.4	None	Remote	Low	Not required	None	Partial	Partial
Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504.

Total number of vulnerabilities : 15 Page : 1 (This Page)