Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic." Date published : 2008-03-18 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html...
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a...
Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list. Date published : 2008-03-18...
Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager. Date published...
Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of...
Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used. Date published...
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. Date published : 2008-03-18 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://www.securityfocus.com/bid/28304
CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open ‘Safe’...
Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data. Date published : 2008-03-18 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://www.securityfocus.com/bid/28304
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error. Date published : 2008-03-18 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged...
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API. Date published : 2008-03-18 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://www.securityfocus.com/bid/28304
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary...
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the...