Apple : Security Vulnerabilities, CVEs, Published In 2007 CVSS score >= 5
CVE-2007-6166
Public exploit
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Max CVSS
9.3
EPSS Score
97.02%
Published
2007-11-29
Updated
2018-10-30
CVE-2007-6165
Public exploit
Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.
Max CVSS
9.3
EPSS Score
13.93%
Published
2007-11-29
Updated
2011-10-06
CVE-2007-5863
Public exploit
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.
Max CVSS
9.3
EPSS Score
91.79%
Published
2007-12-19
Updated
2018-10-15
CVE-2007-2386
Public exploit
Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet.
Max CVSS
9.4
EPSS Score
41.76%
Published
2007-05-24
Updated
2017-07-29
CVE-2007-2175
Public exploit
Apple QuickTime Java extensions (QTJava.dll), as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects, as demonstrated during the "PWN 2 0WN" contest at CanSecWest 2007.
Max CVSS
7.6
EPSS Score
95.21%
Published
2007-04-24
Updated
2018-10-16
CVE-2007-0015
Public exploit
Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI.
Max CVSS
6.8
EPSS Score
96.63%
Published
2007-01-01
Updated
2017-10-19
6 vulnerabilities found