Download
| Alert*
|
oval:org.secpod.oval:def:3849
The host is installed with Apple Mac OS X Server before 10.6.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a string argument that represents a large number. Successful exploitation could allow remote attackers to crash ... oval:org.secpod.oval:def:3154 The host is installed with Apple Mac OS X 10.6.8 and is prone to multiple vulnerabilities. The flaw are present in the application, which fails to handle disk images. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:3168 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a buffer overflow vulnerability. The flaw is present in the application, which fails to handle API in Apple Type Services (ATS). Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3844 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PostScript document. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3813 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PEF image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3824 The host is installed with Apple Mac OS X 10.5.8 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted NEF image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3110 The host is installed with Apple Mac OS X 10.6.8 and is prone to an out-of-bounds memory access vulnerability. A flaw is present in the application, which fails to handle embedded Type 1 fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3164 The host is installed with Apple Mac OS X 10.6.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted QuickTime movie files. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3167 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle cookies properly. Successful exploitation could allow attackers to set cookies that would be blocked were the preference enforced. oval:org.secpod.oval:def:3864 The host is installed with Apple Mac OS X Sever 10.5.8 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to restrict the file types of uploaded files. Successful exploitation could allow attackers to gain sensitive information. oval:org.secpod.oval:def:3826 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.2 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to perform improved memory reference tracking. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3128 The host is installed with Apple Mac OS X 10.6.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which updates App Store help content over HTTP. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3838 The host is installed with Apple Mac OS X server before 10.6.3 and is prone to an improper logging vulnerability. A flaw is present in the application, which fails remove the capability to disable group chat logs, and log all messages that are sent through the server. Successful exploitation could a ... oval:org.secpod.oval:def:3815 The host is installed with Apple Mac OS X before 10.6.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly disable the filter rules associated with a deleted mail account. Successful exploitation could allow attackers to have unspecified impac ... oval:org.secpod.oval:def:3156 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL). Successful exploitation could allow att ... oval:org.secpod.oval:def:4304 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted Wiki content. Successful exploitation allows remote attackers to inject arbitrary web script or HTML . oval:org.secpod.oval:def:3158 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to prevent FireWire DMA in the absence of a login. Successful exploitation could allow attackers to bypass intended access restrictions. oval:org.secpod.oval:def:3157 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle file deletions in directories with the sticky bit. Successful exploitation could allow attackers to bypass intended permiss ... oval:org.secpod.oval:def:3831 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle vectors related to use of wheel group membership during access to the home directories of user accounts. Successful explo ... oval:org.secpod.oval:def:3835 The host is installed with Apple Mac OS X server before 10.6.3 and is prone to an improper login access vulnerability. A flaw is present in the application, which fails to properly perform password replication. Successful exploitation could allow remote authenticated users to obtain login access via ... oval:org.secpod.oval:def:3161 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection. Success ... oval:org.secpod.oval:def:3160 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a locked-screen state in display sleep mode for an Apple Cinema Display. Successful exploitation could allow attackers to bypass the password ... oval:org.secpod.oval:def:4299 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle vectors involving symbolic links. Successful exploitation could allows remote authenticated users to access a ... oval:org.secpod.oval:def:3816 The host is installed with Apple Mac OS X before 10.6.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient. ... oval:org.secpod.oval:def:4288 The host is installed with Apple Mac OS X 10.5.8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with MPEG2 encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:4286 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle directory traversal sequences in an inline image-transfer operation. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:4283 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to set the expected file ownerships. Successful exploitation allows local users to bypass intended access restrictions. oval:org.secpod.oval:def:4284 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a arbitrary file deletion vulnerability. A flaw is present in the application, which fails to handle a symlink attack in conjunction with an unmount operation on a crafted volume. Successful exploitation allows lo ... oval:org.secpod.oval:def:4293 The host is installed with Apple Mac OS X 10.5.8 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to provide expected authorization requirements. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3132 he host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash t ... oval:org.secpod.oval:def:3130 The host is installed with Apple QuickTime in Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to handle the atom hierarchy in movie files. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:3131 The host is installed with Apple Mac OS X 10.6.8 and is prone to a cross site scripting vulnerability. A flaw is present in the QuickTime Player's "Save for Web" application, which fails to remove reference to an online script. Successful exploitation could allow attackers to inject arbitrary code. oval:org.secpod.oval:def:3119 The host is installed with Quicktime in Apple Mac OS X 10.6.8 or 10.7 before 10.7.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle URL data handlers within movie files. Successful exploitation could allow attackers to disclose mem ... oval:org.secpod.oval:def:3117 The host is installed with Apple Mac OS X and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FlashPix file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3121 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to an buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FLIC movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:2846 The host is installed with Apple Mac OS X 10.5.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the Wi-Fi frames. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2847 The host is installed with Apple Mac OS X before 10.6.8 and is prone to an information disclosure vulnerability. A flaw is present in the application, which creates a log entry containing user's AppleID password. Successful exploitation may allow remote attackers to obtain sensitive information. oval:org.secpod.oval:def:2852 The host is installed with Apple Mac OS X 10.5.8 or 10.6.0 through 10.6.7 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle Type 1 fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2855 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle JPEG2000 images. Successful exploitation could allow attackers to execute arbitrary code or crash the servic ... oval:org.secpod.oval:def:14162 The host is installed with Apple Mac OS X Server 10.6.8 or Apple Mac OS X 10.6.8 and is prone to directory service vulnerability. A flaw is present in the application which doesn't handle directory server's messages from the network. Successful exploitation could allow an attacker to execute arbitra ... oval:org.secpod.oval:def:4320 The host is installed with Apple Mac OS 10.5.8 or 10.6.0 before 10.6.4 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle a crafted TIFF file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4287 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to multiple integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted TIFF file. Successful exploitation could allow attackers to trigger a heap-based buffer overflow. oval:org.secpod.oval:def:202797 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:102120 Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information . The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This pac ... oval:org.secpod.oval:def:202752 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:700358 J. David Hester discovered that Samba incorrectly handled users that lack home directories when the automated [homes] share is enabled. An authenticated user could connect to that share name and gain access to the whole filesystem. Tim Prouty discovered that the smbd daemon in Samba incorrectly han ... oval:org.secpod.oval:def:202162 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:202044 Samba is a suite of programs used by machines to share files, printers, and other information. A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authe ... oval:org.secpod.oval:def:4298 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted URI that triggers a UTF-7 error page. Successful exploitation could allow remote attackers to inject arbitrar ... oval:org.secpod.oval:def:3850 The host is installed with Apple Mac OS X Sever 10.5.8 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to properly handle administrator privileges. Successful exploitation could allow attackers to have unauthorized access to screen sharing. oval:org.secpod.oval:def:3737 The host is installed with Apple Mac OS X 10.5.8 and 10.6.4 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted embedded font in a document. Successful exploitation could allow attackers to execute arbitrary code or crash ... oval:org.secpod.oval:def:3741 The host is installed with Apple Mac OS X 10.5.8 or 10.6.4 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PDF file. Successful exploitation could attackers to crash the service. oval:org.secpod.oval:def:3742 The host is installed with Apple Mac OS X 10.5.8 or 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly perform comparisons to domain-name strings in X.509 certificates. Successful exploitation could allow man-in-the-middle attackers ... oval:org.secpod.oval:def:101628 Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information . The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This pac ... oval:org.secpod.oval:def:101069 Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information . The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This pac ... oval:org.mitre.oval:def:7895 Several vulnerabilities have been discovered in samba, an implementation of the SMB/CIFS protocol for Unix systems, providing support for cross-platform file and printer sharing with other operating systems and more. The Common Vulnerabilities and Exposures project identifies the following problems: ... oval:org.secpod.oval:def:101136 Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information . The Windows NT, OS/2, and Linux operating systems support this natively, and add-on packages can enable the same thing for DOS, Windows, VMS, UNIX of all kinds, MVS, and more. This pac ... oval:org.secpod.oval:def:300806 Multiple vulnerabilities has been found and corrected in samba: The SMB subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create ... oval:org.secpod.oval:def:300500 Multiple vulnerabilities has been found and corrected in samba: The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for f ... oval:org.secpod.oval:def:3502 The host is installed with Apple Mac OS X 10.5.8 or 10.6.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MP4 audio file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3505 The host is installed with Apple Mac OS X 10.5.8 or 10.6.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted DNG image. Successful exploitation could allow attackers to overflow the buffer. oval:org.secpod.oval:def:3830 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate hostnames of SSH clients. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3833 The host is installed with Apple Mac OS X server before 10.6.3 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to properly handle crafted filenames. Successful exploitation could allow attackers to read arbitrary files. oval:org.secpod.oval:def:3828 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted disk image with bzip2 compression. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3829 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly perform authorization during processing of record names. Successful exploitation could allow local users to gain privileges. oval:org.secpod.oval:def:3839 The host is installed with Apple Mac OS X and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted document. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3812 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a mount request. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3827 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted disk image with bzip2 compression. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3818 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly handle a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for ... oval:org.secpod.oval:def:3881 The host is installed with Apple Mac OS X 10.5.8 and is prone to an improper virus update vulnerability. A flaw is present in the application if Security Update 2009-005 is applied, which has an incorrect launchd.plist ProgramArguments key and consequently does not run. Successful exploitation coul ... oval:org.secpod.oval:def:3882 The host is installed with Apple Mac OS X 10.5.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a packet data. Successful exploitation could allow attackers to bypass intended access restrictions. oval:org.secpod.oval:def:3868 The host is installed with Apple Mac OS X 10.5.8 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly validate package signatures. Successful exploitation could allow attackers allow remote attackers to have unspecified impacts. oval:org.secpod.oval:def:5794 The host is installed with Apple Mac OS X 10.7.x before 10.7.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle vectors involving a temporary files. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:5810 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ... oval:org.secpod.oval:def:5811 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer underflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the serv ... oval:org.secpod.oval:def:5818 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted input. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:5809 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted audio sample tables in a movie file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:5808 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an improper access control vulnerability. A flaw is present in the application, which fails to properly handle screen savers. Successful exploitation could allow attackers to bypass screen locking and launch a S ... oval:org.secpod.oval:def:5819 The host is installed with Apple Mac OS X 10.7.0 before 10.7.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails does not require continued use of SRP-based authentication after this authentication method is first used. Successful exploitation could a ... oval:org.secpod.oval:def:5802 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a network sniffing attack vulnerability. A flaw is present in the application, which fails to properly restrict the length of RSA keys within X.509 certificates. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:5801 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an uninitialized memory access vulnerability. A flaw is present in the application, which fails to properly handle X.509 certificates. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:2854 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.7 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, as it fails to handle TIFF images. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:10708 The host is installed with Mac OS X 10.8.x before 10.8.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted application from reading passwords entered into Login Window. Successful exploitation could allow attackers to read ... oval:org.secpod.oval:def:10709 The host is installed with Mac OS X 10.6.8 or OS X Lion v10.7 to v10.7.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle an e-mail message that triggers the loading of a third-party plugin. Successful exploitation could allow att ... oval:org.secpod.oval:def:3030 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an unspecified integer field in an NFS RPC packet. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:10703 The host is installed with Mac OS X 10.6.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to perform proper bounds checking. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3021 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted XBM image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:10722 The host is installed with Mac OS X 10.6.8 or 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with Sorenson encoding. Successful exploitation allows remote attackers to execute arbitrary code or ca ... oval:org.secpod.oval:def:10724 The host is installed with Mac OS X 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle USB hub descriptors. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:1502253 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:4280 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to handle requests that change settings. Successful exploitation could allow attackers to hijack the authentication of ... oval:org.secpod.oval:def:4305 The host is missing a security update according to Apple advisory, APPLE-SA-2010-06-15-1 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation allows remote attackers to crash the service, execute arbitrary o ... oval:org.secpod.oval:def:3050 The host is missing an important security update according to, APPLE-SA-2011-03-21-1. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:4689 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted RAW image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4694 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a bidirectional text string with ellipsis truncation. Successful exploitation could allow remote attackers to crash ... oval:org.secpod.oval:def:4695 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the password-validation functionality in Directory Services. Successful exploitation could allow ... oval:org.secpod.oval:def:4698 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PDF document. Successful exploitation could allow remote attackers to execute arbitrary ... oval:org.secpod.oval:def:4696 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle errors associated with disabled mobile accounts. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:4697 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font in a PDF document. Successful exploitation could allow remote attackers to execute arbitrary ... oval:org.secpod.oval:def:4690 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted PSD image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:2588 The host is installed with Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 or iWorks 9.0 through 9.0.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted office document. Successful exploitation could allow attackers to crash the se ... oval:org.secpod.oval:def:4624 The host is installed with Apple Mac OS X 10.5.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted embedded Compact Font Format (CFF) font in a document. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:4629 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle XML data. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4627 The host is installed with Apple Mac OS X Server 10.5.8 or 10.6 before 10.6.5 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly validate input. Successful exploitation could allow remote authenticated users to inject arbitrary web scr ... oval:org.secpod.oval:def:4628 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a maliciously crafted "feed:" URL. Successful exploitation could allow remote attackers to obtain sensitive info ... oval:org.secpod.oval:def:4630 The host is installed with Apple Mac OS X Server 10.5.8 or 10.6 before 10.6.5 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly perform replication. Successful exploitation could allow remote attackers to bypass verification of the current ... oval:org.secpod.oval:def:4729 The host is missing a critical security update according to Apple advisory, APPLE-SA-2010-11-10-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:4702 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long name of an embedded font in a document. Successful exploitation could allow remote attacke ... oval:org.secpod.oval:def:4703 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly signal error conditions. Successful exploitation could allow remote attackers to determine the existence of ... oval:org.secpod.oval:def:4701 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted embedded font in a document. Successful exploitation could allow remote attackers to ex ... oval:org.secpod.oval:def:4704 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to prevent creation of file that are outside the bounds of a share. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:4705 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted reconnect authentication packets. Successful exploitation could allow remote attackers to crash the service oval:org.secpod.oval:def:3748 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-08-24-1. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to cr ... oval:org.secpod.oval:def:3514 The host is installed with Apple Mac OS X 10.5.8 or 10.6.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute arbitrary code, crash the service or c ... oval:org.secpod.oval:def:3869 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-29-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:2880 The host is missing an update according to Apple advisory APPLE-SA-2011-06-23-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle malicious input. Successful exploitation could allow attackers to execute arbitrary code, gain sens ... oval:org.secpod.oval:def:10725 The host is installed with Apple Mac OS X 10.6.8, 10.7 before 10.7.5 or 10.8 before 10.8.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5820 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute ... |
