CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities Published In 2006

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2006-6906 2006-12-31 2009-09-03
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900.
2 CVE-2006-6900 2006-12-31 2008-11-15
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack vectors, related to an "implementation bug."
3 CVE-2006-6652 Exec Code Overflow 2006-12-19 2008-09-05
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
4 CVE-2006-6353 DoS 2006-12-06 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer".
5 CVE-2006-6292 DoS 2006-12-05 2013-08-25
5.7
None Local Network Medium Not required None None Complete
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames.
6 CVE-2006-6238 +Info 2006-12-03 2008-09-05
5.0
None Remote Low Not required Partial None None
The AutoFill feature in Apple Safari 2.0.4 does not properly verify that all automatically populated form fields are visible to the user, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via input fields of zero width, a variant of CVE-2006-6077.
7 CVE-2006-6173 Exec Code Overflow 2006-11-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter.
8 CVE-2006-6130 DoS 2006-11-27 2008-09-05
4.9
None Local Low Not required None None Complete
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket.
9 CVE-2006-6129 DoS Exec Code Overflow Mem. Corr. 2006-11-26 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
10 CVE-2006-6127 DoS 2006-11-26 2008-09-05
2.1
None Local Low Not required None None Partial
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.
11 CVE-2006-6126 DoS Mem. Corr. 2006-11-26 2008-09-05
2.1
None Local Low Not required None None Partial
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
12 CVE-2006-6062 DoS Mem. Corr. 2006-11-21 2008-09-10
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.
13 CVE-2006-6061 DoS Exec Code Mem. Corr. 2006-11-21 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address.
14 CVE-2006-6015 DoS Overflow 2006-11-21 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression.
15 CVE-2006-5710 Exec Code Overflow 2006-11-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which triggers a heap-based buffer overflow.
16 CVE-2006-5681 +Info 2006-12-19 2008-09-05
2.6
None Remote High Not required Partial None None
QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.
17 CVE-2006-5328 2006-10-17 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.
18 CVE-2006-5327 Exec Code 2006-10-17 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.
19 CVE-2006-4965 94 Exec Code 2006-09-24 2008-09-05
5.0
None Remote Low Not required None Partial None
Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript code and possibly conduct other attacks via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter that identifies resources outside of the original domain. NOTE: as of 20070912, this issue has been demonstrated by using instances of Components.interfaces.nsILocalFile and Components.interfaces.nsIProcess to execute arbitrary local files within Firefox and possibly Internet Explorer.
20 CVE-2006-4887 +Priv Bypass 2006-09-19 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.
21 CVE-2006-4866 Exec Code Overflow 2006-09-19 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
22 CVE-2006-4413 +Priv 2006-11-17 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root privileges on client systems that use the packages.
23 CVE-2006-4412 Exec Code 2006-11-30 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects.
24 CVE-2006-4411 +Priv 2006-11-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors.
25 CVE-2006-4410 2006-11-30 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before 10.4.7, does not properly search certificate revocation lists (CRL), which allows remote attackers to access systems by using revoked certificates.
26 CVE-2006-4409 2006-11-30 2008-09-05
5.0
None Remote Low Not required None Partial None
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
27 CVE-2006-4408 DoS 2006-11-30 2008-09-05
5.0
None Remote Low Not required None None Partial
The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a denial of service (resource consumption) via certain public key values in an X.509 certificate that requires extra resources during signature verification. NOTE: this issue may be similar to CVE-2006-2940.
28 CVE-2006-4407 2006-11-30 2008-09-05
5.0
None Remote Low Not required Partial None None
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic.
29 CVE-2006-4406 Exec Code Overflow 2006-11-30 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
30 CVE-2006-4404 2006-11-30 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges.
31 CVE-2006-4403 DoS 2006-11-30 2008-09-05
4.0
None Remote High Not required Partial None Partial
The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames.
32 CVE-2006-4402 Exec Code Overflow 2006-11-30 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files.
33 CVE-2006-4401 Exec Code 2006-11-30 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI.
34 CVE-2006-4400 Exec Code Overflow 2006-11-30 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files.
35 CVE-2006-4399 2006-10-03 2008-09-05
2.1
None Local Low Not required None Partial None
User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not actually supported, which could result in less secure password management than intended.
36 CVE-2006-4398 Exec Code Overflow 2006-11-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests.
37 CVE-2006-4397 2006-10-03 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 prevents Kerberos tickets from being destroyed if a user does not successfully log on to a network account from the login window, which might allow later users to gain access to the original user's Kerberos tickets.
38 CVE-2006-4396 2006-11-30 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack.
39 CVE-2006-4395 DoS Mem. Corr. 2006-10-03 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows context-dependent attackers to cause a denial of service ("memory corruption" and crash) via a crafted PICT image that is not properly handled by a certain "unsupported QuickDraw operation."
40 CVE-2006-4394 Bypass 2006-10-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIds to bypass service access controls and log into the system using loginwindow via unknown vectors.
41 CVE-2006-4393 2006-10-03 2008-09-05
3.7
User Local High Not required Partial Partial Partial
Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users.
42 CVE-2006-4392 +Priv 2006-10-03 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function.
43 CVE-2006-4391 Exec Code Overflow 2006-10-03 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to execute arbitrary code via a malformed JPEG2000 image.
44 CVE-2006-4390 2006-10-03 2008-09-05
2.6
None Remote High Not required None Partial None
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
45 CVE-2006-4389 Exec Code 2006-09-12 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object.
46 CVE-2006-4388 Exec Code Overflow 2006-09-12 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file.
47 CVE-2006-4387 2006-10-03 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the "Allow user to administer this computer" checkbox in System Preferences for a user, does not remove the user's account from the appserveradm or appserverusr groups, which still allows the user to manage WebObjects applications.
48 CVE-2006-4386 Exec Code Overflow 2006-09-12 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381.
49 CVE-2006-4385 Exec Code Overflow 2006-09-12 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image.
50 CVE-2006-4384 Exec Code Overflow 2006-09-12 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.
Total number of vulnerabilities : 138   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.