Apple » Mac Os X Server » 10.3.4 : Security Vulnerabilities, CVEs, Published In 2007
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
Max CVSS
9.8
EPSS Score
68.66%
Published
2007-07-16
Updated
2024-01-12
CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. NOTE: this can be leveraged for cross-site scripting (XSS) attacks.
Max CVSS
5.0
EPSS Score
0.78%
Published
2007-08-03
Updated
2017-07-29
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
Max CVSS
5.0
EPSS Score
87.68%
Published
2007-06-27
Updated
2024-02-15
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
Max CVSS
7.5
EPSS Score
16.73%
Published
2007-02-16
Updated
2024-02-09
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-05-24
Updated
2018-10-16
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-05-24
Updated
2017-07-29
6 vulnerabilities found