Filtered by vendor Apple Subscriptions
Filtered by product Mac Os X Subscriptions

Search

Switch to Advanced Search (Beta)
Total 5568 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-1238 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable.
CVE-2009-1235 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
CVE-2009-1060 1 Apple 2 Mac Os X, Safari 2025-04-09 N/A
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Charlie Miller during a PWN2OWN competition at CanSecWest 2009.
CVE-2009-0949 6 Apple, Canonical, Debian and 3 more 8 Cups, Mac Os X, Mac Os X Server and 5 more 2025-04-09 7.5 High
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.
CVE-2009-0946 7 Apple, Canonical, Debian and 4 more 10 Iphone Os, Mac Os X, Mac Os X Server and 7 more 2025-04-09 N/A
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
CVE-2009-0944 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not properly validate Microsoft Office files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a file that triggers memory corruption.
CVE-2009-0943 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.
CVE-2009-0942 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.
CVE-2009-0160 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image that triggers memory corruption.
CVE-2009-0158 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long hostname for a telnet server.
CVE-2009-0157 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers.
CVE-2009-0156 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service (persistent Finder crash) via a crafted Mach-O executable that triggers an out-of-bounds memory read.
CVE-2009-0155 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow.
CVE-2009-0154 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font.
CVE-2009-0151 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not prevent four-finger Multi-Touch gestures, which allows physically proximate attackers to bypass locking and "manage applications or use Expose" via unspecified vectors.
CVE-2009-0150 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image.
CVE-2009-0149 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption.
CVE-2009-0142 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic."
CVE-2009-0140 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name.
CVE-2009-0139 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow.