Download
| Alert*
|
oval:org.secpod.oval:def:3168
The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a buffer overflow vulnerability. The flaw is present in the application, which fails to handle API in Apple Type Services (ATS). Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3167 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle cookies properly. Successful exploitation could allow attackers to set cookies that would be blocked were the preference enforced. oval:org.secpod.oval:def:3109 The host is installed with Apple Mac OS X before 10.7.2 and is prone to format string vulnerability. A flaw is present in the application, which fails to handle a crafted name of an executable file. Successful exploitation could allow attackers to gain elevated privileges. oval:org.secpod.oval:def:3156 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL). Successful exploitation could allow att ... oval:org.secpod.oval:def:17515 The host is installed with Apple Mac OS X or Server 10.7.5, OS X 10.8.5 or OS X 10.9.2 and is prone to privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the processing of Set-Cookie HTTP headers. Successful exploitation allows attackers to obtai ... oval:org.secpod.oval:def:17528 The host is missing a security update according to Apple advisory, APPLE-SA-2014-04-22-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain objects and security vectors. Successful exploitation allows attackers to execute ... oval:org.secpod.oval:def:3152 The host is installed with Apple Mac OS X 10.7 before 10.7.2 and is prone to a authentication bypass vulnerability. A flaw is present in the application, which fails to properly handle authentication authority. Successful exploitation could allow attackers to bypass the password requirement. oval:org.secpod.oval:def:3153 The host is installed with Apple Mac OS X 10.7 before 10.7.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle access control issue existed in Open Directory. Successful exploitation could allow attackers to another local user's pass ... oval:org.secpod.oval:def:3158 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to prevent FireWire DMA in the absence of a login. Successful exploitation could allow attackers to bypass intended access restrictions. oval:org.secpod.oval:def:3157 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle file deletions in directories with the sticky bit. Successful exploitation could allow attackers to bypass intended permiss ... oval:org.secpod.oval:def:3163 The host is installed with Apple Mac OS X 10.7 before 10.7.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to prevent system windows from requesting keystrokes while the screen is locked. Successful exploitation could allow attackers to partially ... oval:org.secpod.oval:def:3161 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection. Success ... oval:org.secpod.oval:def:3122 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to a improper access control vulnerability. A flaw is present in the application, which fails to prevent _unknown user from browsing the share point but not guests. Successful exploitation could allow attackers to access sha ... oval:org.secpod.oval:def:3132 he host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle a crafted movie file. Successful exploitation could allow attackers to execute arbitrary code or crash t ... oval:org.secpod.oval:def:3130 The host is installed with Apple QuickTime in Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to handle the atom hierarchy in movie files. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:3119 The host is installed with Quicktime in Apple Mac OS X 10.6.8 or 10.7 before 10.7.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle URL data handlers within movie files. Successful exploitation could allow attackers to disclose mem ... oval:org.secpod.oval:def:3117 The host is installed with Apple Mac OS X and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FlashPix file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3121 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.2 and is prone to an buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted FLIC movie file. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:20170 The host is missing a security update according to Apple advisory, APPLE-SA-2014-06-30-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain objects and security vectors. Successful exploitation allows attackers to execute ... oval:org.secpod.oval:def:20171 The host is installed with Apple Mac OS X or Server 10.7 through 10.7.5, OS X 10.8 through 10.8.5 or OS X 10.9 through 10.9.3 and is prone to out-of-bounds vulnerability. A flaw is present in the application, which fails to properly handle AppleDouble files in zip archives. Successful exploitation m ... oval:org.secpod.oval:def:20172 The host is installed with Apple Mac OS X or Server 10.7 through 10.7.5, OS X 10.8 through 10.8.5 or OS X 10.9 through 10.9.3 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle Dock's messages from applications. Successful exp ... oval:org.secpod.oval:def:14159 The host is installed with OS X Lion 10.7 through 10.7.5, OS X Lion Server 10.7 through 10.7.5, OS X Mountain Lion 10.8 through 10.8.2 and is prone to buffer overflow vulnerability. A flaw is present in the application which fails to handle a crafted PICT image. Successful exploitation could allow a ... oval:org.secpod.oval:def:14168 The host is installed with OS X Lion 10.7 through 10.7.5, OS X Lion Server 10.7 through 10.7.5, OS X Mountain Lion 10.8 through 10.8.3 and is prone to remote code execution vulnerability.A flaw is present in the application which fails to handle unspecified vectors . Successful exploitation could al ... oval:org.secpod.oval:def:14169 The host is installed with OS X Lion 10.7 through 10.7.5, OS X Lion Server 10.7 through 10.7.5, OS X Mountain Lion 10.8 through 10.8.3 and is prone to denial of service vulnerability . A flaw is present in the application, which does not properly initialize memory during the processing of text track ... oval:org.secpod.oval:def:14160 The host is installed with OS X Mountain Lion 10.8 through 10.8.3 and is prone to information disclosure vulnerability. A flaw is present in the application, which does not prevent storage of permanent cookies. Successful exploitation could allow an attacker to execute arbitrary code. oval:org.secpod.oval:def:17019 The host is installed with Apple Mac OS X or Server 10.7.5, OSX 10.8.5, 10.9 or 10.9.1 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted filename. Successful exploitation allows attackers to execute arbitrary code or cause a denial o ... oval:org.secpod.oval:def:17018 The host is installed with Apple Mac OS X or Server 10.7.5, 10.8.5, 10.9 or 10.9.1 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly handle user privileges. Successful exploitation allows attackers to bypass intended access restrictions by c ... oval:org.secpod.oval:def:17012 The host is installed with Apple Mac OS X or Server 10.7.5, OSX 10.8.5, 10.9 or 10.9.1 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted Mach messages. Successful exploitation allows attackers to bypass the App Sandbox protection mecha ... oval:org.secpod.oval:def:3162 The host is installed with Apple Mac OS X 10.7.0 before 10.7.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to ensure that all disk data is encrypted during the enabling of FileVault. Successful exploitation could allow attackers to obtai ... oval:org.secpod.oval:def:5794 The host is installed with Apple Mac OS X 10.7.x before 10.7.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle vectors involving a temporary files. Successful exploitation could allow attackers to gain privileges. oval:org.secpod.oval:def:5810 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ... oval:org.secpod.oval:def:5812 The host is installed with Apple Mac OS X 10.7.0 before 10.7.4 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with JPEG2000 encoding. Successful exploitation could allow attackers to execute arbitrary code or ... oval:org.secpod.oval:def:5811 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer underflow vulnerability. A flaw is present in the application, which fails to properly handle crafted MPEG file. Successful exploitation could allow attackers to execute arbitrary code or crash the serv ... oval:org.secpod.oval:def:5818 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted input. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ... oval:org.secpod.oval:def:5809 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted audio sample tables in a movie file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:5808 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an improper access control vulnerability. A flaw is present in the application, which fails to properly handle screen savers. Successful exploitation could allow attackers to bypass screen locking and launch a S ... oval:org.secpod.oval:def:5819 The host is installed with Apple Mac OS X 10.7.0 before 10.7.4 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails does not require continued use of SRP-based authentication after this authentication method is first used. Successful exploitation could a ... oval:org.secpod.oval:def:5802 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to a network sniffing attack vulnerability. A flaw is present in the application, which fails to properly restrict the length of RSA keys within X.509 certificates. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:5801 The host is installed with Apple Mac OS X 10.6.8 or 10.7.0 before 10.7.4 and is prone to an uninitialized memory access vulnerability. A flaw is present in the application, which fails to properly handle X.509 certificates. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:3166 The host is installed with Apple Mac OS X 10.7 before 10.7.3 and is prone to a information disclosure vulnerability. A flaw is present in the application, which fails to restrict transmission of cookies. Successful exploitation could allow attackers to obtain sensitive information. oval:org.secpod.oval:def:3891 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly perform OpenGL Shading Language (aka GLSL) compilation. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:3892 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to an integer overflow vulnerability. The flaw is present in the application, which fails to properly handle crafted DNS data. Successful exploitation could allow attackers to execute arbitrary code or crash the se ... oval:org.secpod.oval:def:3890 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to handle a crafted MP4 file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3895 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a crafted embedded font in a document. Successful exploitation could allow attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:3896 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted movie file with H.264 encoding. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:3893 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to preserve the Wi-Fi configuration across software updates. Successful exploitation could allow attackers to obtain sensitive i ... oval:org.secpod.oval:def:3894 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to a memory corruption vulnerability. The flaw is present in the application, which fails to properly restrict the allocation of stack memory. Successful exploitation could allow attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:3897 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly construct request headers during parsing of URLs. Successful exploitation could allow attackers to obtain sensitive in ... oval:org.secpod.oval:def:3898 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which automatically switches it to unencrypted sessions upon failure of encrypted connections. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:3888 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a buffer overflow vulnerability. The flaw is present in the application, which fails to handle a crafted PNG file. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:3889 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to an Off-by-one buffer overflow vulnerability. The flaw is present in the application, which fails to handle a crafted rdrf atom in a movie file. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:3886 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to perform authentication. Successful exploitation could allow attackers to gain privileges by leveraging access to (1) the server ... oval:org.secpod.oval:def:3887 The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to an information disclosure vulnerability. The flaw is present in the application, which fails to verify the unique identifier of its remote AFP volume or Time Capsule. Successful exploitation could allow attackers to obtai ... oval:org.secpod.oval:def:10708 The host is installed with Mac OS X 10.8.x before 10.8.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted application from reading passwords entered into Login Window. Successful exploitation could allow attackers to read ... oval:org.secpod.oval:def:10709 The host is installed with Mac OS X 10.6.8 or OS X Lion v10.7 to v10.7.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle an e-mail message that triggers the loading of a third-party plugin. Successful exploitation could allow att ... oval:org.secpod.oval:def:10702 The host is installed with Mac OS X Lion v10.7 to v10.7.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted text glyph. Successful exploitation could allow attackers to execute arbitrary code or crash the service. oval:org.secpod.oval:def:10722 The host is installed with Mac OS X 10.6.8 or 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with Sorenson encoding. Successful exploitation allows remote attackers to execute arbitrary code or ca ... oval:org.secpod.oval:def:10724 The host is installed with Mac OS X 10.7 before 10.7.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle USB hub descriptors. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service. oval:org.secpod.oval:def:13781 The host is installed with Apple Mac OS X or Apple Mac OS X Server 10.6.8, 10.7 through 10.7.5, or 10.8 before 10.8.3 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to properly handle URIs with ignorable Unicode character sequences. Successful ... oval:org.secpod.oval:def:13782 The host is installed with Apple Mac OS X or Apple Mac OS X Server 10.6.8, 10.7 through 10.7.5, or 10.8 before 10.8.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow a Ja ... oval:org.secpod.oval:def:13785 The host is installed with Apple Mac OS X or Apple Mac OS X Server 10.6.8, 10.7 through 10.7.5, or 10.8 before 10.8.3 and is prone to an use after free vulnerability. A flaw is present in the application, which fails to properly handle ink annotations in PDF files. Successful exploitation could allo ... oval:org.secpod.oval:def:13786 The host is installed with Apple Mac OS X Server 10.6.8, 10.7 through 10.7.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to prevent plugin loading within the marketing-text WebView. Successful exploitation could allow an attacker to ex ... oval:org.secpod.oval:def:13788 The host is missing a security update according to Apple advisory, APPLE-SA-2013-03-14-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:17037 The host is missing a security update according to Apple advisory, APPLE-SA-2014-02-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors related to memory and crafted data. Successful exploitation allows attacke ... oval:org.secpod.oval:def:5820 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:10725 The host is installed with Apple Mac OS X 10.6.8, 10.7 before 10.7.5 or 10.8 before 10.8.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3930 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ar ... |
