CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities Published In 2007

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-6592 2007-12-28 2008-09-05
4.3
None Remote Medium Not required None Partial None
Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
2 CVE-2007-6359 189 DoS 2007-12-14 2008-09-05
4.9
None Local Low Not required None None Complete
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.
3 CVE-2007-6276 189 1 DoS 2007-12-07 2011-07-18
7.8
None Remote Low Not required None None Complete
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
4 CVE-2007-6261 189 DoS Overflow 2007-12-05 2008-09-05
4.9
None Local Low Not required None None Complete
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
5 CVE-2007-6238 Exec Code 2007-12-04 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release advisories with actionable information. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. However, the organization has stated that this is different than CVE-2007-6166.
6 CVE-2007-6166 119 2 Exec Code Overflow 2007-11-28 2011-08-04
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
7 CVE-2007-6165 264 Exec Code 2007-11-28 2011-10-06
9.3
None Remote Medium Not required Complete Complete Complete
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.
8 CVE-2007-5863 310 Exec Code 2007-12-19 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.
9 CVE-2007-5862 287 Bypass 2007-12-18 2008-09-05
9.4
None Remote Low Not required Complete Complete None
Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.
10 CVE-2007-5861 399 DoS Exec Code Mem. Corr. 2007-12-19 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.
11 CVE-2007-5860 Exec Code 2007-12-19 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
12 CVE-2007-5859 399 DoS Exec Code Mem. Corr. 2007-12-19 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.
13 CVE-2007-5858 79 XSS +Info 2007-12-19 2011-03-09
4.3
None Remote Medium Not required None Partial None
WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information.
14 CVE-2007-5857 264 +Info 2007-12-19 2008-09-05
6.4
None Remote Low Not required Partial Partial None
Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive information via HREFTrack.
15 CVE-2007-5856 264 +Info 2007-12-19 2008-09-05
9.4
None Remote Low Not required Complete Complete None
Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.
16 CVE-2007-5855 287 2007-12-19 2008-09-05
6.4
None Remote Low Not required Partial Partial None
Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote attackers to sniff account activity.
17 CVE-2007-5854 79 XSS +Info 2007-12-19 2008-09-05
4.3
None Remote Medium Not required None Partial None
Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, which allows attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via a crafted HTML file.
18 CVE-2007-5853 DoS Exec Code Mem. Corr. 2007-12-19 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with crafted GUID partition maps, which triggers memory corruption.
19 CVE-2007-5851 264 2007-12-19 2008-09-05
3.6
None Local Low Not required Partial Partial None
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.
20 CVE-2007-5850 119 Exec Code Overflow 2007-12-19 2008-09-05
8.8
None Remote Medium Not required Complete Complete None
Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file.
21 CVE-2007-5848 119 Exec Code Overflow 2007-12-19 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.
22 CVE-2007-5847 362 +Info 2007-12-19 2008-09-05
6.6
None Local Low Not required Complete Complete None
Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information.
23 CVE-2007-5450 119 1 DoS Overflow 2007-10-14 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file.
24 CVE-2007-5045 94 Exec Code 2007-09-23 2009-03-04
9.3
None Remote Medium Not required Complete Complete Complete
Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XML element and a qtnext parameter containing the Firefox "-chrome" argument. NOTE: this is a related issue to CVE-2006-4965 and the result of an incomplete fix for CVE-2007-3670.
25 CVE-2007-4812 119 DoS Overflow 2007-09-11 2009-02-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method.
26 CVE-2007-4710 399 DoS Exec Code Mem. Corr. 2007-12-19 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption.
27 CVE-2007-4709 22 Dir. Trav. 2007-12-19 2008-09-05
8.8
None Remote Medium Not required Complete Complete None
Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5.1 allows remote attackers to overwrite arbitrary files via a crafted HTTP response.
28 CVE-2007-4708 134 Exec Code 2007-12-19 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
29 CVE-2007-4707 119 Exec Code Overflow 2007-12-14 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie.
30 CVE-2007-4706 119 Exec Code Overflow 2007-12-14 2008-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.
31 CVE-2007-4704 Bypass 2007-11-15 2011-07-18
10.0
None Remote Low Not required Complete Complete Complete
The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictions.
32 CVE-2007-4703 Bypass 2007-11-15 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when "Block incoming connections" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions.
33 CVE-2007-4702 Bypass 2007-11-15 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions.
34 CVE-2007-4701 264 2007-11-14 2008-09-05
2.1
None Local Low Not required Partial None None
WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporary files securely when Safari is previewing a PDF file, which allows local users to read the contents of that file.
35 CVE-2007-4700 264 2007-11-14 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors.
36 CVE-2007-4699 264 Bypass 2007-11-14 2013-07-21
7.5
User Remote Low Not required Partial Partial Partial
The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions.
37 CVE-2007-4698 79 XSS 2007-11-14 2008-11-15
4.3
None Remote Medium Not required None Partial None
Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to conduct cross-site scripting (XSS) attacks by causing JavaScript events to be associated with the wrong frame.
38 CVE-2007-4697 DoS Exec Code Mem. Corr. 2007-11-14 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption.
39 CVE-2007-4696 362 +Info 2007-11-14 2008-09-05
4.3
None Remote Medium Not required Partial None None
Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari.
40 CVE-2007-4695 20 2007-11-14 2008-09-05
4.3
None Remote Medium Not required None Partial None
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads.
41 CVE-2007-4694 264 2007-11-14 2008-09-05
4.3
None Remote Medium Not required Partial None None
Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.
42 CVE-2007-4693 287 Bypass 2007-11-14 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to "handling of keyboard focus between secure text fields."
43 CVE-2007-4692 287 2007-11-14 2011-06-13
4.3
None Remote Medium Not required None Partial None
The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab.
44 CVE-2007-4691 264 Bypass 2007-11-14 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
45 CVE-2007-4690 399 Exec Code 2007-11-14 2008-09-05
9.0
None Remote Low Single system Complete Complete Complete
Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
46 CVE-2007-4689 399 DoS Exec Code 2007-11-14 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets.
47 CVE-2007-4688 200 +Info 2007-11-14 2008-09-05
5.0
None Remote Low Not required Partial None None
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.
48 CVE-2007-4687 16 2007-11-14 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files.
49 CVE-2007-4686 189 DoS +Priv 2007-11-14 2011-06-20
7.2
None Local Low Not required Complete Complete Complete
Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request.
50 CVE-2007-4685 264 +Priv 2007-11-14 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."
Total number of vulnerabilities : 209   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.