Apple: >> Mac Os X Server >> 10.6.5 Security Vulnerabilities
Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.
CVSS Score
6.8
EPSS Score
0.012
Published
2011-03-23
Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.
CVSS Score
6.8
EPSS Score
0.011
Published
2011-03-23
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.
CVSS Score
7.2
EPSS Score
0.004
Published
2011-03-23
Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue."
CVSS Score
5.0
EPSS Score
0.007
Published
2011-03-23
QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an Excel spreadsheet with a crafted formula that uses unspecified opcodes.
CVSS Score
6.8
EPSS Score
0.024
Published
2011-03-23
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.
CVSS Score
4.3
EPSS Score
0.01
Published
2011-03-23
The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.
CVSS Score
4.3
EPSS Score
0.006
Published
2011-03-23
AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162.
CVSS Score
4.9
EPSS Score
0.002
Published
2011-03-23
Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an AppleScript Studio application.
CVSS Score
6.8
EPSS Score
0.007
Published
2011-03-23
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code via a document that contains a crafted embedded OpenType font.
CVSS Score
6.8
EPSS Score
0.015
Published
2011-03-23