cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
Max CVSS
5.0
EPSS Score
58.97%
Published
2013-11-28
Updated
2022-10-31
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
Max CVSS
7.5
EPSS Score
94.98%
Published
2013-12-17
Updated
2018-10-30
QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file.
Max CVSS
6.8
EPSS Score
1.04%
Published
2013-09-16
Updated
2014-03-06
The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser.
Max CVSS
4.9
EPSS Score
0.08%
Published
2013-09-16
Updated
2013-09-18
Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.
Max CVSS
6.8
EPSS Score
3.65%
Published
2013-09-16
Updated
2013-09-27
Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document.
Max CVSS
6.8
EPSS Score
7.01%
Published
2013-09-16
Updated
2013-09-27
CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
Max CVSS
6.8
EPSS Score
0.99%
Published
2013-06-05
Updated
2014-01-28
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file.
Max CVSS
9.3
EPSS Score
51.59%
Published
2013-05-24
Updated
2017-09-19
Disk Management in Apple Mac OS X before 10.8.4 does not properly authenticate attempts to disable FileVault, which allows local users to cause a denial of service (loss of encryption functionality) via an unspecified command line.
Max CVSS
2.1
EPSS Score
0.04%
Published
2013-06-05
Updated
2013-06-05
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
Max CVSS
9.3
EPSS Score
1.19%
Published
2013-06-05
Updated
2013-06-05
Stack consumption vulnerability in CoreAnimation in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text glyph in a URL encountered by Safari.
Max CVSS
6.8
EPSS Score
0.11%
Published
2013-06-05
Updated
2013-06-05
IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted graphics image.
Max CVSS
6.8
EPSS Score
0.09%
Published
2013-03-15
Updated
2013-06-05
Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
Max CVSS
6.8
EPSS Score
0.29%
Published
2013-06-05
Updated
2013-06-05
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.
Max CVSS
6.1
EPSS Score
3.09%
Published
2013-09-19
Updated
2017-08-29
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!