cpe:/o:apple:mac_os_x:10.4 cpe:/o:apple:mac_os_x:10.4.0 cpe:/o:apple:mac_os_x:10.4.1 cpe:/o:apple:mac_os_x:10.4.2 cpe:/o:apple:mac_os_x:10.4.3 cpe:/o:apple:mac_os_x:10.4.4 cpe:/o:apple:mac_os_x:10.4.5 cpe:/o:apple:mac_os_x:10.4.6 cpe:/o:apple:mac_os_x:10.4.7 cpe:/o:apple:mac_os_x:10.4.8 cpe:/o:apple:mac_os_x:10.4.9 cpe:/o:apple:mac_os_x:10.4.10 CVE-2007-4682 2007-11-14T20:46:00.000-05:00 2017-07-28T21:33:06.363-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-11-15T19:18:00.000-05:00 SECTRACK 1018950 BID 26444 SECUNIA 27643 VUPEN ADV-2007-3868 APPLE APPLE-SA-2007-11-14 CERT TA07-319A CERT-VN VU#498105 CONFIRM http://docs.info.apple.com/article.html?artnum=307041 XF macosx-coretext-code-execution(38465) CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer.