Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-0040 | 6.8 |
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr
|
09-02-2024 - 03:25 | 22-02-2009 - 22:30 | |
CVE-2009-1721 | 6.8 |
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of a
|
09-02-2024 - 03:22 | 31-07-2009 - 19:00 | |
CVE-2008-0674 | 7.5 |
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
|
15-10-2018 - 22:02 | 18-02-2008 - 23:00 | |
CVE-2008-1372 | 4.3 |
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
|
11-10-2018 - 20:32 | 18-03-2008 - 21:44 | |
CVE-2009-1726 | 9.3 |
Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.
|
29-09-2017 - 01:34 | 06-08-2009 - 16:30 | |
CVE-2009-1235 | 7.2 |
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk imag
|
29-09-2017 - 01:34 | 02-04-2009 - 17:30 | |
CVE-2009-1728 | 6.8 |
Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before 10.5.8, and 10.4 before Digital Camera RAW Compatibility Update 2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a craft
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-1723 | 4.3 |
CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL in a certificate warning in certain 302 redirection scenarios, which makes it easier for remote attackers to trick a user into visiting an arbitrary https web site by leveraging a
|
17-08-2017 - 01:30 | 06-08-2009 - 15:30 | |
CVE-2009-2193 | 10.0 |
Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet.
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-1727 | 6.8 |
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-2188 | 9.3 |
Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata.
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-2192 | 7.5 |
MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a "logic issue."
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-2194 | 4.9 |
Apple Mac OS X 10.5 before 10.5.8 does not properly share file descriptors over local sockets, which allows local users to cause a denial of service (system crash) by placing file descriptors in messages sent to a socket that has no receiver, related
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-2190 | 7.8 |
launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to cause a denial of service (individual service outage) by making many connections to an inetd-based launchd service.
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-2191 | 7.5 |
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name.
|
17-08-2017 - 01:30 | 06-08-2009 - 16:30 | |
CVE-2009-0151 | 7.2 |
The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not prevent four-finger Multi-Touch gestures, which allows physically proximate attackers to bypass locking and "manage applications or use Expose" via unspecified vectors.
|
08-08-2017 - 01:33 | 06-08-2009 - 15:30 | |
CVE-2009-1720 | 7.5 |
Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (
|
23-10-2012 - 03:06 | 31-07-2009 - 19:00 | |
CVE-2009-1722 | 6.8 |
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
|
23-10-2012 - 03:06 | 31-07-2009 - 19:00 |