Download
| Alert*
oval:org.mitre.oval:def:6741
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow. oval:org.secpod.oval:def:3342 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-30-2. A flaw is present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:3347 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-30-2. A flaw is present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:3486 The host is installed with Apple Safari before 5.0.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3497 The host is installed with Apple Safari before 4.0.5 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle user supplied input. Successful exploitation could allow attackers to crash the service. |