Apple : Security Vulnerabilities, CVEs, Published In June 2011 (Denial of service)
The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service (desktop hang) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK.
Max CVSS
7.1
EPSS Score
0.14%
Published
2011-06-30
Updated
2011-07-12
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
Max CVSS
6.8
EPSS Score
3.73%
Published
2011-06-29
Updated
2020-05-21
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
Max CVSS
4.3
EPSS Score
0.72%
Published
2011-06-06
Updated
2020-10-05
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
Max CVSS
7.5
EPSS Score
8.13%
Published
2011-06-21
Updated
2024-02-02
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011.
Max CVSS
5.0
EPSS Score
0.72%
Published
2011-06-06
Updated
2020-10-05
The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.
Max CVSS
4.9
EPSS Score
0.04%
Published
2011-06-24
Updated
2011-10-27
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.
Max CVSS
6.8
EPSS Score
1.53%
Published
2011-06-24
Updated
2024-03-19
servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
Max CVSS
6.4
EPSS Score
0.57%
Published
2011-06-24
Updated
2011-10-27
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
Max CVSS
6.8
EPSS Score
2.41%
Published
2011-06-24
Updated
2011-08-11
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.
Max CVSS
6.8
EPSS Score
1.19%
Published
2011-06-24
Updated
2011-10-27
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.
Max CVSS
6.8
EPSS Score
3.02%
Published
2011-06-24
Updated
2011-08-11
QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
Max CVSS
6.8
EPSS Score
1.19%
Published
2011-06-24
Updated
2011-10-21
Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.
Max CVSS
7.5
EPSS Score
0.81%
Published
2011-06-24
Updated
2017-08-17
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.
Max CVSS
6.8
EPSS Score
0.99%
Published
2011-06-24
Updated
2011-10-27
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.
Max CVSS
6.8
EPSS Score
2.58%
Published
2011-06-24
Updated
2011-11-24
Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.
Max CVSS
6.8
EPSS Score
1.02%
Published
2011-06-24
Updated
2011-07-23
Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow.
Max CVSS
7.5
EPSS Score
0.66%
Published
2011-06-24
Updated
2011-07-23
Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
8.42%
Published
2011-06-24
Updated
2012-02-04
AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network.
Max CVSS
7.8
EPSS Score
0.16%
Published
2011-06-24
Updated
2011-06-27
19 vulnerabilities found