Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple installer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0465
Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote malicious users to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename.
Apple Installer 2.1.5
Apple Mac Os X 10.4.8
1 EDB exploit
NA
CVE-2011-0190
Install Helper in Installer in Apple Mac OS X prior to 10.6.7 does not properly process an unspecified URL, which might allow remote malicious users to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server.
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.6
Apple Installer
Apple Mac Os X 10.6.2
Apple Mac Os X 10.6.4
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.3
Apple Mac Os X 10.6.5
Apple Mac Os X Server 10.6.5
Apple Mac Os X Server 10.6.6
Apple Mac Os X Server 10.6.0
Apple Mac Os X Server 10.6.2
Apple Mac Os X Server 10.6.4
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.3
NA
CVE-2009-2027
The Installer in Apple Safari prior to 4.0 on Windows allows local users to gain privileges by checking a box that specifies an immediate launch of the application after installation, related to an unspecified compression method.
Apple Safari 3.0.2
Apple Safari 3.1.2
Apple Safari 3.2
Apple Safari 3.0.3
Apple Safari 3.0.4
Apple Safari 3.0
Apple Safari 3.0.1
Apple Safari 3.2.1
Apple Safari 3.2.2
Apple Safari
Apple Safari 3.1
Apple Safari 3.1.1
NA
CVE-2013-1027
Installer in Apple Mac OS X prior to 10.8.5 provides an option to continue a package's installation after encountering a revoked certificate, which might allow user-assisted remote malicious users to execute arbitrary code via a crafted package.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X
Apple Mac Os X 10.8.1
7.8
CVSSv3
CVE-2019-8801
A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.
Apple Itunes
Apple Mac Os X
7.8
CVSSv3
CVE-2017-2218
Untrusted search path vulnerability in Installer of QuickTime for Windows allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Apple Quicktime
7.8
CVSSv3
CVE-2016-1742
Untrusted search path vulnerability in the installer in Apple iTunes prior to 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Apple Itunes
7.5
CVSSv3
CVE-2019-6232
A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.
Apple Icloud
7.5
CVSSv3
CVE-2019-6236
A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution.
Apple Icloud
NA
CVE-2006-4404
The Installer application in Apple Mac OS X 10.4.8 and previous versions, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges.
Apple Mac Os X
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »