CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities Published In 2008

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2008-5406 119 1 DoS Exec Code Overflow 2008-12-10 2009-01-29
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by one overflow."
2 CVE-2008-5377 59 1 2008-12-08 2009-01-06
6.9
Admin Local Medium Not required Complete Complete Complete
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
3 CVE-2008-5315 22 Dir. Trav. 2008-12-03 2009-08-12
7.8
None Remote Low Not required Complete None None
Directory traversal vulnerability in the web interface in Apple iPhone Configuration Web Utility 1.0 on Windows allows remote attackers to read arbitrary files via unspecified vectors.
4 CVE-2008-5286 189 Exec Code Overflow Bypass 2008-12-01 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.
5 CVE-2008-5184 255 Bypass CSRF 2008-11-20 2009-01-29
10.0
None Remote Low Not required Complete Complete Complete
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions.
6 CVE-2008-5183 399 1 DoS 2008-11-20 2011-03-17
4.3
None Remote Medium Not required None None Partial
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.
7 CVE-2008-4593 200 +Info 2008-10-17 2009-07-22
1.2
None Local High Not required Partial None None
Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device screen, aka Apple bug number 6267416.
8 CVE-2008-4491 200 +Info 2008-10-08 2009-02-10
5.0
None Remote Low Not required Partial None None
Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail.
9 CVE-2008-4368 310 2008-10-01 2008-10-07
5.0
None Remote Low Not required Partial None None
The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 contains a jurisdiction policy that limits Java Cryptography Extension (JCE) key sizes to 128 bits, which makes it easier for attackers to decrypt ciphertext produced by JCE.
10 CVE-2008-4237 2008-12-16 2009-08-20
10.0
Admin Remote Low Not required Complete Complete Complete
Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting.
11 CVE-2008-4236 399 DoS 2008-12-16 2009-02-06
7.1
None Remote Medium Not required None None Complete
Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted embedded font in a PDF file.
12 CVE-2008-4234 264 Exec Code 2008-12-16 2009-02-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a "potentially unsafe" warning message.
13 CVE-2008-4233 2008-11-25 2008-12-03
2.6
None Remote High Not required None None Partial
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document.
14 CVE-2008-4232 2008-11-25 2008-12-03
5.0
None Remote Low Not required None Partial None
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document.
15 CVE-2008-4231 399 DoS Exec Code Mem. Corr. 2008-11-25 2009-06-13
9.3
None Remote Medium Not required Complete Complete Complete
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
16 CVE-2008-4230 264 +Info 2008-11-25 2008-12-03
1.9
None Local Medium Not required Partial None None
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a duplicate of CVE-2008-4593.
17 CVE-2008-4229 362 2008-11-25 2008-12-03
3.7
None Local High Not required Partial Partial Partial
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup.
18 CVE-2008-4228 264 2008-11-25 2008-12-03
3.6
None Local Low Not required None Partial Partial
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number.
19 CVE-2008-4227 310 +Info 2008-11-25 2011-09-20
7.5
None Remote Low Not required Partial Partial Partial
Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic.
20 CVE-2008-4224 20 DoS 2008-12-16 2009-02-06
7.1
None Remote Medium Not required None None Complete
UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file.
21 CVE-2008-4223 287 Bypass 2008-12-16 2009-02-06
10.0
Admin Remote Low Not required Complete Complete Complete
Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors.
22 CVE-2008-4222 399 DoS 2008-12-16 2009-08-20
7.1
None Remote Medium Not required None None Complete
natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet.
23 CVE-2008-4221 399 DoS Exec Code Mem. Corr. 2008-12-16 2009-08-20
10.0
Admin Remote Low Not required Complete Complete Complete
The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string, related to improper memory allocation.
24 CVE-2008-4220 189 DoS Exec Code Overflow 2008-12-16 2009-08-20
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the WLB-2008080064 advisory published by SecurityReason on 20080822; however, as of 20081216, there are insufficient details to be sure.
25 CVE-2008-4219 399 DoS 2008-12-16 2009-08-20
4.9
None Local Low Not required None None Complete
The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application.
26 CVE-2008-4218 189 Overflow +Priv 2008-12-16 2009-08-20
7.2
Admin Local Low Not required Complete Complete Complete
Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt.
27 CVE-2008-4217 189 Exec Code Overflow 2008-12-16 2009-02-06
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow.
28 CVE-2008-4216 200 +Info 2008-11-17 2012-10-30
4.3
None Remote Medium Not required Partial None None
The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files."
29 CVE-2008-4215 264 Bypass 2008-10-10 2009-02-10
7.5
User Remote Low Not required Partial Partial Partial
Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions.
30 CVE-2008-4214 264 2008-10-10 2009-02-10
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files.
31 CVE-2008-4212 16 Bypass 2008-10-10 2009-02-10
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions.
32 CVE-2008-4211 189 DoS Exec Code 2008-10-10 2011-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns."
33 CVE-2008-4116 119 1 DoS Exec Code Overflow 2008-09-18 2011-01-06
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow.
34 CVE-2008-3950 189 DoS 2008-09-16 2009-01-29
5.0
None Remote Low Not required None None Partial
Off-by-one error in the _web_drawInRect:withFont:ellipsis:alignment:measureOnly function in WebKit in Safari in Apple iPhone 1.1.4 and 2.0 and iPod touch 1.1.4 and 2.0 allows remote attackers to cause a denial of service (browser crash) via a JavaScript alert call with an argument that lacks breakable characters and has a length that is a multiple of the memory page size, leading to an out-of-bounds read.
35 CVE-2008-3876 264 Bypass +Info 2008-09-02 2008-09-17
1.9
None Local Medium Not required Partial None None
Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact's blue arrow.
36 CVE-2008-3647 119 DoS Exec Code Overflow 2008-10-10 2009-02-10
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment.
37 CVE-2008-3646 362 2008-10-10 2009-07-23
6.8
User Remote Medium Not required Partial Partial Partial
The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users.
38 CVE-2008-3645 119 Exec Code Overflow 2008-10-10 2009-02-10
7.2
Admin Local Low Not required Complete Complete Complete
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors.
39 CVE-2008-3644 200 +Info 2008-11-17 2012-10-30
1.9
None Local Medium Not required Partial None None
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.
40 CVE-2008-3643 DoS 2008-10-10 2009-02-10
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue."
41 CVE-2008-3642 119 DoS Exec Code Overflow 2008-10-10 2012-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile.
42 CVE-2008-3641 399 Exec Code 2008-10-10 2012-10-29
10.0
None Remote Low Not required Complete Complete Complete
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
43 CVE-2008-3640 189 Exec Code Overflow 2008-10-14 2012-10-29
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
44 CVE-2008-3639 119 Exec Code Overflow 2008-10-14 2012-10-29
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.
45 CVE-2008-3638 94 2008-09-26 2012-10-29
9.3
Admin Remote Medium Not required Complete Complete Complete
Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from accessing file:// URLs, which allows remote attackers to execute arbitrary programs.
46 CVE-2008-3637 94 Exec Code 2008-09-26 2012-10-29
9.3
Admin Remote Medium Not required Complete Complete Complete
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."
47 CVE-2008-3636 189 Overflow +Priv 2008-09-10 2013-08-06
7.2
None Local Low Not required Complete Complete Complete
Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server 2003, and Vista allows context-dependent attackers to gain privileges. NOTE: this issue was originally reported for GEARAspiWDM.sys 2.0.7.5 in Gear Software CD DVD Filter driver before 4.001.7, as used in other products including Apple iTunes and multiple Symantec and Norton products, which allows local users to gain privileges via repeated IoAttachDevice IOCTL calls to \\.\GEARAspiWDMDevice in this GEARAspiWDM.sys. However, the root cause is the integer overflow in the API call itself.
48 CVE-2008-3635 119 DoS Exec Code Overflow 2008-09-10 2008-11-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
49 CVE-2008-3634 200 +Info 2008-09-10 2008-09-11
2.6
None Remote High Not required Partial None None
Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.
50 CVE-2008-3632 399 DoS Exec Code 2008-09-10 2012-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements.
Total number of vulnerabilities : 211   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.