Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mac os x 10.4.10 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2007-0646
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 up to and including 10.4.10, allows remote user-assisted malicious users to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling t...
Apple Imovie 6.0.3
Apple Safari
Apple Mac Os X 10.3.9
1 EDB exploit
6.8
CVSSv2
CVE-2007-2405
Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allows remote malicious users to execute arbitrary code via a crafted PDF file.
Apple Pdfkit
4.3
CVSSv2
CVE-2007-0478
WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote malicious users to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within...
Apple Safari
Apple Webcore
6.8
CVSSv2
CVE-2007-2403
CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote malicious users to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers.
Apple Cfnetwork
4.3
CVSSv2
CVE-2007-4692
The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 up to and including 10.4.10, allows remote malicious users to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to...
Apple Safari
Apple Safari 3.0
Apple Safari 3.0.2
6.8
CVSSv2
CVE-2007-2406
Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote malicious users to execute arbitrary code via a crafted Quartz Composer file.
Apple Quartz Composer
4.3
CVSSv2
CVE-2007-2410
WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote malicious users to conduct cross-site scripting (XSS) attacks.
Apple Webcore
4.3
CVSSv2
CVE-2007-2409
Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote malicious users to obtain sensitive information via a popup window, which is able to read the current URL of the parent window.
Apple Webcore
6.8
CVSSv2
CVE-2007-3747
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instantiation and manipulation to valid heap addresses, which allows remote malicious users to execute arbitrary code via a crafted applet.
Apple Ichat
6.8
CVSSv2
CVE-2007-3746
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote malicious users to execute arbitrary code via a crafted applet.
Apple Ichat
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »