Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple installer vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2007-0465
Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote malicious users to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.
Apple Installer 2.1.5
Apple Mac Os X 10.4.8
1 EDB exploit
4.3
CVSSv2
CVE-2011-0190
Install Helper in Installer in Apple Mac OS X prior to 10.6.7 does not properly process an unspecified URL, which might allow remote malicious users to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server.
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.6
Apple Installer
Apple Mac Os X 10.6.2
Apple Mac Os X 10.6.4
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.3
Apple Mac Os X 10.6.5
Apple Mac Os X Server 10.6.5
Apple Mac Os X Server 10.6.6
Apple Mac Os X Server 10.6.0
Apple Mac Os X Server 10.6.2
Apple Mac Os X Server 10.6.4
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.3
7.2
CVSSv2
CVE-2009-2027
The Installer in Apple Safari prior to 4.0 on Windows allows local users to gain privileges by checking a box that specifies an immediate launch of the application after installation, related to an unspecified compression method.
Apple Safari 3.0.2
Apple Safari 3.1.2
Apple Safari 3.2
Apple Safari 3.0.3
Apple Safari 3.0.4
Apple Safari 3.0
Apple Safari 3.0.1
Apple Safari 3.2.1
Apple Safari 3.2.2
Apple Safari
Apple Safari 3.1
Apple Safari 3.1.1
6.8
CVSSv2
CVE-2013-1027
Installer in Apple Mac OS X prior to 10.8.5 provides an option to continue a package's installation after encountering a revoked certificate, which might allow user-assisted remote malicious users to execute arbitrary code via a crafted package.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X
Apple Mac Os X 10.8.1
4.4
CVSSv2
CVE-2019-8801
A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.
Apple Itunes
Apple Mac Os X
6.8
CVSSv2
CVE-2017-2218
Untrusted search path vulnerability in Installer of QuickTime for Windows allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Apple Quicktime
7.2
CVSSv2
CVE-2016-1742
Untrusted search path vulnerability in the installer in Apple iTunes prior to 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Apple Itunes
7.6
CVSSv2
CVE-2019-6232
A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.
Apple Icloud
7.6
CVSSv2
CVE-2019-6236
A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution.
Apple Icloud
10
CVSSv2
CVE-2006-4404
The Installer application in Apple Mac OS X 10.4.8 and previous versions, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges.
Apple Mac Os X
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »