Download
| Alert*
|
oval:org.secpod.oval:def:3169
The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple memory corruption vulnerabilities. The flaw are present in the applications, which fails to handle crafted input. Successful exploitation could allow attackers to overflow the buffer, execute arbitrary ... oval:org.secpod.oval:def:3849 The host is installed with Apple Mac OS X Server before 10.6.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a string argument that represents a large number. Successful exploitation could allow remote attackers to crash ... oval:org.secpod.oval:def:3500 The host is installed with Apple Mac OS X 10.6.x through 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle errors. Successful exploitation could allow attackers to bypass the password requirement for shared-folder. oval:org.secpod.oval:def:3501 The host is installed with Apple Mac OS X 10.6.x through 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle errors. Successful exploitation could allow attackers to bypass the password requirement for shared-folder. oval:org.secpod.oval:def:3154 The host is installed with Apple Mac OS X 10.6.8 and is prone to multiple vulnerabilities. The flaw are present in the application, which fails to handle disk images. Successful exploitation could allow attackers to crash the service or execute arbitrary code. oval:org.secpod.oval:def:3168 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a buffer overflow vulnerability. The flaw is present in the application, which fails to handle API in Apple Type Services (ATS). Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3844 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PostScript document. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3813 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PEF image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3110 The host is installed with Apple Mac OS X 10.6.8 and is prone to an out-of-bounds memory access vulnerability. A flaw is present in the application, which fails to handle embedded Type 1 fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3164 The host is installed with Apple Mac OS X 10.6.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted QuickTime movie files. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3167 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle cookies properly. Successful exploitation could allow attackers to set cookies that would be blocked were the preference enforced. oval:org.secpod.oval:def:3826 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.2 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to perform improved memory reference tracking. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3128 The host is installed with Apple Mac OS X 10.6.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which updates App Store help content over HTTP. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3838 The host is installed with Apple Mac OS X server before 10.6.3 and is prone to an improper logging vulnerability. A flaw is present in the application, which fails remove the capability to disable group chat logs, and log all messages that are sent through the server. Successful exploitation could a ... oval:org.secpod.oval:def:3815 The host is installed with Apple Mac OS X before 10.6.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly disable the filter rules associated with a deleted mail account. Successful exploitation could allow attackers to have unspecified impac ... oval:org.secpod.oval:def:3156 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL). Successful exploitation could allow att ... oval:org.secpod.oval:def:4304 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted Wiki content. Successful exploitation allows remote attackers to inject arbitrary web script or HTML . oval:org.secpod.oval:def:3158 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to prevent FireWire DMA in the absence of a login. Successful exploitation could allow attackers to bypass intended access restrictions. oval:org.secpod.oval:def:3157 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle file deletions in directories with the sticky bit. Successful exploitation could allow attackers to bypass intended permiss ... oval:org.secpod.oval:def:3831 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle vectors related to use of wheel group membership during access to the home directories of user accounts. Successful explo ... oval:org.secpod.oval:def:3835 The host is installed with Apple Mac OS X server before 10.6.3 and is prone to an improper login access vulnerability. A flaw is present in the application, which fails to properly perform password replication. Successful exploitation could allow remote authenticated users to obtain login access via ... oval:org.secpod.oval:def:3842 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to prevent deletion of access restrictions of a Podcast Composer workflow when this workflow is overwritten. Successful exploitation could a ... oval:org.secpod.oval:def:3843 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to support Login Window access control that is based solely on group membership. Successful exploitation could allow attackers to bypass int ... oval:org.secpod.oval:def:3161 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection. Success ... oval:org.secpod.oval:def:3160 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a locked-screen state in display sleep mode for an Apple Cinema Display. Successful exploitation could allow attackers to bypass the password ... oval:org.secpod.oval:def:3865 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to enforce the service access control list (SACL) for weblogs during weblog creation. Successful exploitation could allow remote authenticat ... oval:org.secpod.oval:def:4299 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle vectors involving symbolic links. Successful exploitation could allows remote authenticated users to access a ... oval:org.secpod.oval:def:3816 The host is installed with Apple Mac OS X before 10.6.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient. ... oval:org.secpod.oval:def:4288 The host is installed with Apple Mac OS X 10.5.8 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with MPEG2 encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:4285 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle via a crafted help: URL. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:4286 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle directory traversal sequences in an inline image-transfer operation. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:4283 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to set the expected file ownerships. Successful exploitation allows local users to bypass intended access restrictions. oval:org.secpod.oval:def:4284 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a arbitrary file deletion vulnerability. A flaw is present in the application, which fails to handle a symlink attack in conjunction with an unmount operation on a crafted volume. Successful exploitation allows lo ... oval:org.secpod.oval:def:4296 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly interpret character encoding. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4297 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a integer overflow vulnerability. A flaw is present in the application, which fails to handle vectors related to page sizes. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4294 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to multiple format string vulnerabilities. The flaws are present in the application, which fails to handle format string specifiers in a (1) afp, (2) cifs, or (3) smb URL. Successful exploitation could allow attackers to crash ... oval:org.secpod.oval:def:4295 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle certain SSL failures. Successful exploitation could allow attackers to spoof arbitrary network account servers, and poss ... oval:org.secpod.oval:def:3132 he host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash t ... oval:org.secpod.oval:def:3130 The host is installed with Apple QuickTime in Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to handle the atom hierarchy in movie files. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:3131 The host is installed with Apple Mac OS X 10.6.8 and is prone to a cross site scripting vulnerability. A flaw is present in the QuickTime Player's "Save for Web" application, which fails to remove reference to an online script. Successful exploitation could allow attackers to inject arbitrary code. oval:org.secpod.oval:def:3119 The host is installed with Quicktime in Apple Mac OS X 10.6.8 or 10.7 before 10.7.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle URL data handlers within movie files. Successful exploitation could allow attackers to disclose mem ... oval:org.secpod.oval:def:3117 The host is installed with Apple Mac OS X and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FlashPix file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3121 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to an buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FLIC movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:3774 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with RLE encoding. Successful exploitation could allow attackers to trigger memory c ... oval:org.secpod.oval:def:3775 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a malformed movie file. Successful exploitation could allow attackers to trigger an incorrect buffer leng ... oval:org.secpod.oval:def:3772 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with H.261 encoding. Successful exploitation could allow attackers to crash the serv ... oval:org.secpod.oval:def:3773 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with H.264 encoding. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:3778 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted genl atom in a QuickTime movie file with MPEG encoding. Successful exploitation could allow att ... oval:org.secpod.oval:def:3776 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted movie file with Sorenson encoding. Successful exploitation could allow attackers to crash the ... oval:org.secpod.oval:def:3777 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle DELTA_FLI chunks and untrusted length values in a .fli file. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:2861 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle Microsoft office files. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:2864 The host is installed with Apple Mac OS X Server 10.5.8 or 10.6 through 10.6.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle an XML-RPC request containing an entity declaration in conjunction with an entity reference. Successful exploi ... oval:org.secpod.oval:def:2848 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, as it fails to handle the TrueType fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2847 The host is installed with Apple Mac OS X before 10.6.8 and is prone to an information disclosure vulnerability. A flaw is present in the application, which creates a log entry containing user's AppleID password. Successful exploitation may allow remote attackers to obtain sensitive information. oval:org.secpod.oval:def:2853 The host is installed with Apple Mac OS X 10.6 through v10.6.7 and is prone to an arbitrary directory listing vulnerability. A flaw is present in the application, which fails to validate the path properly. Successful exploitation could allow any person with FTP access to list all the files recursive ... oval:org.secpod.oval:def:2852 The host is installed with Apple Mac OS X 10.5.8 or 10.6.0 through 10.6.7 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle Type 1 fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2855 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle JPEG2000 images. Successful exploitation could allow attackers to execute arbitrary code or crash the servic ... oval:org.secpod.oval:def:2857 The host is installed with Apple Mac OS X 10.6 through v10.6.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle the IPV6 sockets. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2859 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which uses cleartext HTTP session to read e-mail addresses. Successful exploitation could allow a privileged attacker to retrieve an user's ema ... oval:org.secpod.oval:def:2028 The host is installed with Apple QuickTime before 7.7, Apple Mac OS X 10.6 through 10.6.6 or 10.7.0 before 10.7.2 and is prone to cross-origin bypass vulnerability. A flaw is present in the application which fails to properly handle cross-site redirects. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:2592 The host is missing a security update according to APPLE-SA-2011-01-06-1. The update is required to fix multiple vulnerabilities. The flaws are present in PackageKit, which fail to handle distribution scripts. Successful exploitation could allow an attacker to execute arbitrary code or crash the ser ... oval:org.secpod.oval:def:2593 The host is installed with Apple Mac OS X 10.6 through 10.6.5 and is prone to a format string vulnerability. A flaw is present in the application, which fails to prevent man in the middle attack. Successful exploitation could allow an attacker to execute arbitrary code or crash the service. oval:org.secpod.oval:def:2590 The host is installed with Apple Mac OS X before 10.6.7 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a Microsoft Office document with a crafted size field. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:14162 The host is installed with Apple Mac OS X Server 10.6.8 or Apple Mac OS X 10.6.8 and is prone to directory service vulnerability. A flaw is present in the application which doesn't handle directory server's messages from the network. Successful exploitation could allow an attacker to execute arbitra ... oval:org.secpod.oval:def:4320 The host is installed with Apple Mac OS 10.5.8 or 10.6.0 before 10.6.4 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle a crafted TIFF file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4287 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to multiple integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted TIFF file. Successful exploitation could allow attackers to trigger a heap-based buffer overflow. oval:org.secpod.oval:def:4298 The host is installed with Apple Mac OS X 10.6 before 10.6.4 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted URI that triggers a UTF-7 error page. Successful exploitation could allow remote attackers to inject arbitrar ... oval:org.secpod.oval:def:3830 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly validate hostnames of SSH clients. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3833 The host is installed with Apple Mac OS X server before 10.6.3 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to properly handle crafted filenames. Successful exploitation could allow attackers to read arbitrary files. oval:org.secpod.oval:def:3832 The host is installed with Apple Mac OS X server before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted RADIUS Access Request message. Successful exploitation could allow attackers to obtain network connectivity. oval:org.secpod.oval:def:3828 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted disk image with bzip2 compression. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3829 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly perform authorization during processing of record names. Successful exploitation could allow local users to gain privileges. oval:org.secpod.oval:def:3812 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a mount request. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3821 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a directory traversal vulnerability. A flaw is present in the application, which allow attackers to share root's parent directory, and read and modify files in that directory. Successful exploitation could allow attackers to obt ... oval:org.secpod.oval:def:3827 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted disk image with bzip2 compression. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3818 The host is installed with Apple Mac OS X before 10.6.3 and is prone to a incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly handle a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for ... oval:org.secpod.oval:def:3770 The host is installed with Apple Quicktime before 7.6.6 or Apple Mac OS X 10.6 before 10.6.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted audio content with QDMC encoding. Successful exploitation could allow attac ... oval:org.secpod.oval:def:3771 The host is installed with Apple Mac OS X 10.6 before 10.6.3 or Apple Quicktime 7.6.6 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a malformed .3g2 movie file. Successful exploitation could allow attackers to trigger an incorrect buffer ... oval:org.secpod.oval:def:3870 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly resolve pathnames in certain circumstances involving an application's save panel. Successful exploitation could allow attac ... oval:org.secpod.oval:def:3877 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails properly perform access control checks. Successful exploitation could allow remote authenticated users to bypass intended access restri ... oval:org.secpod.oval:def:3876 The host is installed with Apple Mac OS X 10.6 before 10.6.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails ensure that copied files are owned by the user performing the copy. Successful exploitation could allow local users to bypass intended disk- ... oval:org.secpod.oval:def:3769 The host is installed with Apple Mac OS X before 10.6.3 or Quicktime before 7.7.6 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fails to handle crafted audio content with QDM2 encoding. Successful exploitation could allow attackers to crash the servi ... oval:org.secpod.oval:def:5794 The host is installed with Apple Mac OS X 10.7.x before 10.7.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle vectors involving a temporary files. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:5810 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ... oval:org.secpod.oval:def:5811 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer underflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the serv ... oval:org.secpod.oval:def:5818 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted input. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:5809 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted audio sample tables in a movie file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:5808 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an improper access control vulnerability. A flaw is present in the application, which fails to properly handle screen savers. Successful exploitation could allow attackers to bypass screen locking and launch a S ... oval:org.secpod.oval:def:5819 The host is installed with Apple Mac OS X 10.7.0 before 10.7.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails does not require continued use of SRP-based authentication after this authentication method is first used. Successful exploitation could a ... oval:org.secpod.oval:def:5802 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a network sniffing attack vulnerability. A flaw is present in the application, which fails to properly restrict the length of RSA keys within X.509 certificates. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:5801 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an uninitialized memory access vulnerability. A flaw is present in the application, which fails to properly handle X.509 certificates. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:2851 The host is installed with Apple Mac OS X 10.6 through 10.6.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle CFString object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2850 The host is installed with Mac OS X 10.6 through 10.6.7 or Apple Safari before 5.0.5 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle images with an embedded ColorSync profile. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:2856 The host is installed with Apple Mac OS X and is prone to a buffer overflow vulnerability. A flaw is present in the application, as it fails to handle uppercase strings. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:2854 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.7 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, as it fails to handle TIFF images. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3900 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a certificate spoofing vulnerability. The flaw is present in the application, which fails to properly handle an untrusted attribute of a certification authority certificate. Successful exploitation could allow a ... oval:org.secpod.oval:def:3891 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly perform OpenGL Shading Language (aka GLSL) compilation. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:3896 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with H.264 encoding. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:3888 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a buffer overflow vulnerability. The flaw is present in the application, which fails to handle a crafted PNG file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3889 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to an Off-by-one buffer overflow vulnerability. The flaw is present in the application, which fails to handle a crafted rdrf atom in a movie file. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:10708 The host is installed with Mac OS X 10.8.x before 10.8.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted application from reading passwords entered into Login Window. Successful exploitation could allow attackers to read ... oval:org.secpod.oval:def:10709 The host is installed with Mac OS X 10.6.8 or OS X Lion v10.7 to v10.7.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle an e-mail message that triggers the loading of a third-party plugin. Successful exploitation could allow att ... oval:org.secpod.oval:def:3030 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an unspecified integer field in an NFS RPC packet. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:10703 The host is installed with Mac OS X 10.6.8 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to perform proper bounds checking. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3047 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to man-in-the-middle attack. A flaw is present in the application, which fails to prevent leveraging protocol vulnerabilities. Successful exploitation could allow attackers to spoof SSH servers. oval:org.secpod.oval:def:3040 The host is installed Quicklook in Apple Mac OS X 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, that fials to handle an Excel spreadsheet with a crafted formula that uses unspecified opcodes. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:3041 The host is installed with QuickTime in Apple Mac OS X 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted JPEG2000 image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3011 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a document that contains a crafted embedded Type 1 font. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:3012 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to multiple buffer overflow vulnerabilities. A flaw is present in the application, which fails to handle a document that contains a crafted SFNT table in an embedded font. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:3010 The host is installed with Apple Mac OS X and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle a document that contains a crafted embedded TrueType font. Successful exploitation could allow attackers to cause multiple buffer overfl ... oval:org.secpod.oval:def:3014 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a call with the kTemporaryFolderType flag. Successful exploitation could allow attackers to disclose sensitive informatio ... oval:org.secpod.oval:def:3019 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a document that contains a crafted embedded font. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:3022 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted TIFF image with JPEG encoding. oval:org.secpod.oval:def:3023 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to multiple buffer overflow vulnerabilities. The flaws are present in the applications, which fails to handle a crafted Canon RAW image. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3020 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files. Successful exploitation could allow attackers to read arbitrary data. oval:org.secpod.oval:def:3021 The host is installed with Apple Mac OS X 10.5.8 or 10.6 through 10.6.6 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted XBM image. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3024 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a URL processing issue in Install Helper. Successful exploitation could allow attackers to track user logins. oval:org.secpod.oval:def:3029 The host is installed with Apple Mac OS X 10.6 through 10.6.6 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which does not properly handle call gates. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:3005 The host is installed with Mac OS X 10.6 through 10.6.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a divide by zero error. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3008 The host is installed with Mac OS X 10.6 through 10.6.6 and is prone to multiple format string vulnerabilities. A flaw is present in the application, which fails to handle format string specifiers. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3009 The host is installed with Apple Mac OS X 10.6.0 through 10.6.6 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application which fails to handle open type fonts. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:10722 The host is installed with Mac OS X 10.6.8 or 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with Sorenson encoding. Successful exploitation allows remote attackers to execute arbitrary code or ca ... oval:org.secpod.oval:def:10724 The host is installed with Mac OS X 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle USB hub descriptors. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:4280 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.4 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to handle requests that change settings. Successful exploitation could allow attackers to hijack the authentication of ... oval:org.secpod.oval:def:4305 The host is missing a security update according to Apple advisory, APPLE-SA-2010-06-15-1 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation allows remote attackers to crash the service, execute arbitrary o ... oval:org.secpod.oval:def:2849 The host is installed with Apple Mac OS X 10.6 through 10.6.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to check the CRL properly and a revoked certificate may be accepted as valid. Successful exploitation could allow attackers to spo ... oval:org.secpod.oval:def:3050 The host is missing an important security update according to, APPLE-SA-2011-03-21-1. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:4688 The host is installed with Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a memory management issue. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4689 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted RAW image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4694 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a bidirectional text string with ellipsis truncation. Successful exploitation could allow remote attackers to crash ... oval:org.secpod.oval:def:4695 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle the password-validation functionality in Directory Services. Successful exploitation could allow ... oval:org.secpod.oval:def:4693 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a bidirectional text string with ellipsis truncation. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4698 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted PDF document. Successful exploitation could allow remote attackers to execute arbitrary ... oval:org.secpod.oval:def:4699 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted website. Successful exploitation could allow remote attackers to set cookies for a partial IP add ... oval:org.secpod.oval:def:4696 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle errors associated with disabled mobile accounts. Successful exploitation could allow remote attac ... oval:org.secpod.oval:def:4697 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted font in a PDF document. Successful exploitation could allow remote attackers to execute arbitrary ... oval:org.secpod.oval:def:4690 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted PSD image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4691 The host is installed with Apple Mac OS X 10.6 before 10.6.5 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle a crafted image. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4308 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted jp2 image. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:4309 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted jp2 file. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:4310 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted AVI file. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:4313 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a integer signedness error vulnerability. A flaw is present in the application, which fails to handle a crafted MPEG movie file. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:4314 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted Sorenson movie file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:4311 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:4312 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MPEG movie file. Successful exploitation could allow attackers to execute arbitrary cod ... oval:org.secpod.oval:def:4315 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted FlashPix file. Successful exploitation could allow attackers to execute arbitrary cod ... oval:org.secpod.oval:def:4316 The host is installed with Apple Quicktime before 7.6.9 and Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted GIF file. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:2589 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 or iWork 9.0 through 9.0.5 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to prevent memory corruption. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2588 The host is installed with Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 or iWorks 9.0 through 9.0.5 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted office document. Successful exploitation could allow attackers to crash the se ... oval:org.secpod.oval:def:4626 The host is installed with Apple Mac OS X 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted xar archive. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4629 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle XML data. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:4627 The host is installed with Apple Mac OS X Server 10.5.8 or 10.6 before 10.6.5 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly validate input. Successful exploitation could allow remote authenticated users to inject arbitrary web scr ... oval:org.secpod.oval:def:4628 The host is installed with Apple Mac OS X 10.5.8 or 10.6 before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a maliciously crafted "feed:" URL. Successful exploitation could allow remote attackers to obtain sensitive info ... oval:org.secpod.oval:def:4630 The host is installed with Apple Mac OS X Server 10.5.8 or 10.6 before 10.6.5 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly perform replication. Successful exploitation could allow remote attackers to bypass verification of the current ... oval:org.secpod.oval:def:4729 The host is missing a critical security update according to Apple advisory, APPLE-SA-2010-11-10-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:4702 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long name of an embedded font in a document. Successful exploitation could allow remote attacke ... oval:org.secpod.oval:def:4703 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly signal error conditions. Successful exploitation could allow remote attackers to determine the existence of ... oval:org.secpod.oval:def:4700 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted embedded font in a document. Successful exploitation could allow remote attackers to execute arbitrary code ... oval:org.secpod.oval:def:4701 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a stack based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted embedded font in a document. Successful exploitation could allow remote attackers to ex ... oval:org.secpod.oval:def:4707 The host is installed with Apple Mac OS X 10.6.x before 10.6.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to verify the unique identifier of its remote AFP volume. Successful exploitation could allow remote attackers to obtain sensitive ... oval:org.secpod.oval:def:4704 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to prevent creation of file that are outside the bounds of a share. Successful exploitation could allow remote attackers to ... oval:org.secpod.oval:def:4705 The host is installed with Apple Mac OS X 10.5.8 or 10.6.x before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted reconnect authentication packets. Successful exploitation could allow remote attackers to crash the service oval:org.secpod.oval:def:3869 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-03-29-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:2880 The host is missing an update according to Apple advisory APPLE-SA-2011-06-23-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle malicious input. Successful exploitation could allow attackers to execute arbitrary code, gain sens ... oval:org.secpod.oval:def:10725 The host is installed with Apple Mac OS X 10.6.8, 10.7 before 10.7.5 or 10.8 before 10.8.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:5820 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:3930 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ar ... |
