Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow.
Max CVSS
7.5
EPSS Score
0.66%
Published
2011-06-24
Updated
2011-07-23
Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.
Max CVSS
7.5
EPSS Score
0.81%
Published
2011-06-24
Updated
2017-08-17
Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.5
EPSS Score
2.02%
Published
2011-10-14
Updated
2012-01-14
Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to interaction between Software Update and distribution scripts.
Max CVSS
6.8
EPSS Score
0.31%
Published
2011-01-10
Updated
2011-01-20
Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an AppleScript Studio application.
Max CVSS
6.8
EPSS Score
0.33%
Published
2011-03-23
Updated
2011-03-24
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code via a document that contains a crafted embedded OpenType font.
Max CVSS
6.8
EPSS Score
0.41%
Published
2011-03-23
Updated
2011-03-24
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font.
Max CVSS
6.8
EPSS Score
0.41%
Published
2011-03-23
Updated
2011-03-24
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font.
Max CVSS
6.8
EPSS Score
0.52%
Published
2011-03-23
Updated
2011-03-24
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font.
Max CVSS
6.8
EPSS Score
0.41%
Published
2011-03-23
Updated
2011-03-24
CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font.
Max CVSS
6.8
EPSS Score
0.47%
Published
2011-03-23
Updated
2011-03-24
Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.
Max CVSS
6.8
EPSS Score
0.56%
Published
2011-03-23
Updated
2011-06-27
QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an Excel spreadsheet with a crafted formula that uses unspecified opcodes.
Max CVSS
6.8
EPSS Score
2.35%
Published
2011-03-23
Updated
2011-10-20
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.
Max CVSS
6.8
EPSS Score
1.22%
Published
2011-03-23
Updated
2011-08-11
Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.
Max CVSS
6.8
EPSS Score
0.41%
Published
2011-03-23
Updated
2011-03-23
Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.
Max CVSS
6.8
EPSS Score
0.56%
Published
2011-03-23
Updated
2011-03-23
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.
Max CVSS
6.8
EPSS Score
1.40%
Published
2011-06-24
Updated
2011-10-27
Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
8.42%
Published
2011-06-24
Updated
2012-02-04
Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.
Max CVSS
6.8
EPSS Score
1.02%
Published
2011-06-24
Updated
2011-07-23
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.
Max CVSS
6.8
EPSS Score
2.58%
Published
2011-06-24
Updated
2011-11-24
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.
Max CVSS
6.8
EPSS Score
0.99%
Published
2011-06-24
Updated
2011-10-27
QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
Max CVSS
6.8
EPSS Score
1.19%
Published
2011-06-24
Updated
2011-10-21
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.
Max CVSS
6.8
EPSS Score
3.02%
Published
2011-06-24
Updated
2011-08-11
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.
Max CVSS
6.8
EPSS Score
1.19%
Published
2011-06-24
Updated
2011-10-27
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
Max CVSS
6.8
EPSS Score
2.41%
Published
2011-06-24
Updated
2011-08-11
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.
Max CVSS
6.8
EPSS Score
1.53%
Published
2011-06-24
Updated
2024-03-19