This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/o:apple:mac_os_x:10.5.1
Detail
VendorAppleFirst view 2007-12-05
ProductMac Os XLast view 2013-06-05
Version10.5.1TypeOs
Edition 
Language 
Update 
 
CPE Productcpe:/o:apple:mac_os_x

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2013-06-05 CVE-2013-0984 Network Medium None Requ...
4.6 2012-09-20 CVE-2012-3723 Local Low None Requ...
6.8 2012-09-20 CVE-2012-3722 Network Medium None Requ...
5 2012-09-20 CVE-2012-3721 Network Low None Requ...
4.3 2012-09-20 CVE-2012-3720 Network Medium None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.8 2012-09-20 CVE-2012-3719 Network Medium None Requ...
2.1 2012-09-20 CVE-2012-3718 Local Low None Requ...
7.5 2012-09-20 CVE-2012-0650 Network Low None Requ...
4.3 2012-05-10 CVE-2012-0675 Network Medium None Requ...
7.5 2012-05-10 CVE-2012-0662 Network Low None Requ...
6.8 2012-05-10 CVE-2012-0660 Network Medium None Requ...
6.8 2012-05-10 CVE-2012-0659 Network Medium None Requ...
6.8 2012-05-10 CVE-2012-0658 Network Medium None Requ...
2.1 2012-05-10 CVE-2012-0657 Local Low None Requ...
6.4 2012-05-10 CVE-2012-0655 Network Low None Requ...
6.8 2012-05-10 CVE-2012-0654 Network Medium None Requ...
6.9 2012-05-10 CVE-2012-0649 Local Medium None Requ...
7.6 2011-11-15 CVE-2011-1516 Network High None Requ...
7.6 2011-11-15 CVE-2008-7303 Network High None Requ...
6.8 2011-10-14 CVE-2011-3228 Network Medium None Requ...
6.8 2011-10-14 CVE-2011-3227 Network Medium None Requ...
2.6 2011-10-14 CVE-2011-3224 Network High None Requ...
6.8 2011-10-14 CVE-2011-3223 Network Medium None Requ...
6.8 2011-10-14 CVE-2011-3222 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
21% (29)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
18% (25)CWE-264Permissions, Privileges, and Access Controls
9% (13)CWE-399Resource Management Errors
8% (12)CWE-189Numeric Errors
8% (11)CWE-20Improper Input Validation
Hide | Show 11 More...
%idName
6% (9)CWE-94Failure to Control Generation of Code ('Code Injection')
5% (7)CWE-200Information Exposure
5% (7)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
3% (5)CWE-310Cryptographic Issues
3% (5)CWE-287Improper Authentication
2% (3)CWE-362Race Condition
2% (3)CWE-255Credentials Management
2% (3)CWE-16Configuration
0% (1)CWE-134Uncontrolled Format String
0% (1)CWE-59Improper Link Resolution Before File Access ('Link Following')
0% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idName
CAPEC-3Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7Blind SQL Injection
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
Hide | Show 20 More...
idName
CAPEC-13Subverting Environment Variable Values
CAPEC-14Client-side Injection-induced Buffer Overflow
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-22Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-28Fuzzing
CAPEC-31Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32Embedding Scripts in HTTP Query Strings
CAPEC-37Lifting Data Embedded in Client Distributions
CAPEC-42MIME Conversion
CAPEC-43Exploiting Multiple Input Interpretation Layers
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-52Embedding NULL Bytes
CAPEC-53Postfix, Null Terminate, and Backslash
CAPEC-54Probing an Application Through Targeting its Error Reporting
CAPEC-63Simple Script Injection
CAPEC-64Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-65Passively Sniff and Capture Application Code Bound for Authorized Client

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:8408DSA-1762 icu -- insufficient input sanitising
oval:org.mitre.oval:def:13794USN-747-1 -- icu vulnerability
oval:org.mitre.oval:def:13393DSA-1762-1 icu -- insufficient input sanitising
oval:org.mitre.oval:def:10824The International Components for Unicode (ICU) library in Apple Mac OS X befo...
oval:org.mitre.oval:def:21796ELSA-2009:0296: icu security update (Moderate)
Hide | Show 11 More...
idName
oval:org.mitre.oval:def:7489DSA-1889 icu -- programming error
oval:org.mitre.oval:def:13272DSA-1889-1 icu -- programming error
oval:org.mitre.oval:def:13220USN-846-1 -- icu vulnerability
oval:org.mitre.oval:def:11366International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, ...
oval:org.mitre.oval:def:22853ELSA-2009:1122: icu security update (Moderate)
oval:org.mitre.oval:def:7499ColorSync in Apple Safari Heap Buffer Overflow Vulnerability
oval:org.mitre.oval:def:9153The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6...
oval:org.mitre.oval:def:8230DSA-1933 cups -- missing input sanitising
oval:org.mitre.oval:def:13522DSA-1933-1 cups -- missing input sanitising
oval:org.mitre.oval:def:13358USN-856-1 -- cups, cupsys vulnerability
oval:org.mitre.oval:def:7037WebKit 'removeChild()' Remote Code Execution Vulnerability

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
77203Apple Mac OS X Multiple Sandbox Profile Process Restriction launchctl Network...
77202Apple Mac OS X Multiple Sandbox Profile Process Restriction osascript Network...
76380Apple Mac OS X QuickTime FLIC File Handling Overflow
76379Apple Mac OS X QuickTime FlashPix File Handling Overflow
76378Apple Mac OS X QuickTime Movie File Atom Hierarchy Handling Remote Code Execu...
Hide | Show 20 More...
idDescription
76377Apple Mac OS X QuickTime Movie File URL Data Handlers Handling Memory Disclosure
76375Apple Mac OS X User Documentation App Store Help Content MitM Weakness Remote...
76373Apple Mac OS X QuickTime Save for Web Export MitM Weakness XSS
76372Apple Mac OS X Multiple QuickTime Movie File Handling Memory Corruption
76368Apple Mac OS X MediaKit Multiple Disk Image Handling Memory Corruption
76367Apple Mac OS X libsecurity Nonstandard Certificate Revocation Website / Email...
76366Apple Mac OS X Kernel Sticky Bit Directory Arbitrary File Deletion
76365Apple Mac OS X Kernel Firewall DMA Protection Weakness Password Disclosure
76364Apple Mac OS X IOGraphics Apple Cinema Displays Screen Lock Bypass
76363Apple Mac OS X File Systems WebDAV Volume Handling HTTPS Server Certificate W...
76360Apple Mac OS X CoreMedia Multiple QuickTime Movie File Handling Memory Corrup...
76359Apple Mac OS X CFNetwork Cookie Policy Synchronization Cookie Block Bypass
76358Apple Mac OS X ATS ATSFontDeactivate API Overflow
76357Apple Mac OS X ATS Out-of-bounds Read Type 1 Font Handling Remote Code Execution
63471Apple Safari WebKit Attribute Child Removal Arbitrary Remote Code Execution
63409Apple Mac OS X PS Normalizer PostScript File Handling Overflow
63405Apple Mac OS X Mail Deleted Mail Account Rule Persistence Weakness
63404Apple Mac OS X Disk Images bzip2 Compressed Disk Image Handling Memory Corrup...
63399Apple Mac OS X OS Services SFLServer Unspecified Local Privilege Escalation
63398Apple Mac OS X Disk Images Internet Enabled Image Mounting Menu Extras Plugin...

Milw0rm Exploits

idDescription
2009-03-23Mac OS X xnu <= 1228.x (hfs-fcntl) Local Kernel Root Exploit
2009-03-23Mac OS X xnu <=1228.x (vfssysctl) Local Kernel DoS PoC
2009-03-23Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC
2009-03-23Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS
2009-03-23Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC
Hide | Show 1 More...
idDescription
4690Apple Mac OS X 10.5.0 (leopard) vpnd Remote Denial of Service PoC

ExploitDB Exploits

idDescription
25974Mac OSX Server DirectoryService Buffer Overflow
20705SAP Netweaver Dispatcher 7.0 EHP1/2 Multiple Vulnerabilities
18853SAP Netweaver Dispatcher Multiple Vulnerabilities

Metasploit Exploits

idDescription
2007-12-17Apple OS X Software Update Command Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-05-18Name : Apple QuickTime Multiple Vulnerabilities - (Windows)
File : nvt/gb_apple_quicktime_mult_vuln_win_may12.nasl
2012-05-18Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2011-11-03Name : Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
File : nvt/gb_apple_quicktime_mult_dos_vuln_win_nov11.nasl
2011-10-20Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
File : nvt/gb_macosx_su11-006.nasl
Hide | Show 20 More...
idDescription
2011-08-09Name : CentOS Update for cups CESA-2009:1595 centos5 i386
File : nvt/gb_CESA-2009_1595_cups_centos5_i386.nasl
2011-08-09Name : CentOS Update for icu CESA-2009:1122 centos5 i386
File : nvt/gb_CESA-2009_1122_icu_centos5_i386.nasl
2010-07-16Name : Fedora Update for qt FEDORA-2010-11011
File : nvt/gb_fedora_2010_11011_qt_fc13.nasl
2010-07-16Name : Fedora Update for qt FEDORA-2010-11020
File : nvt/gb_fedora_2010_11020_qt_fc12.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 5
File : nvt/macosx_java_for_10_5_upd_5.nasl
2010-05-12Name : Mac OS X Security Update 2007-009
File : nvt/macosx_secupd_2007-009.nasl
2010-05-12Name : Mac OS X 10.5.2 Update / Mac OS X Security Update 2008-001
File : nvt/macosx_upd_10_5_2_secupd_2008-001.nasl
2010-05-12Name : Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003
File : nvt/macosx_upd_10_5_3_secupd_2008-003.nasl
2010-05-12Name : Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004
File : nvt/macosx_upd_10_5_4_secupd_2008-004.nasl
2010-05-12Name : Mac OS X 10.5.5 Update / Security Update 2008-006
File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl
2010-05-12Name : Mac OS X 10.5.6 Update / Mac OS X Security Update 2008-008
File : nvt/macosx_upd_10_5_6_secupd_2008-008.nasl
2010-05-12Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-05-12Name : Mac OS X 10.5.8 Update / Mac OS X Security Update 2009-003
File : nvt/macosx_upd_10_5_8_secupd_2009-003.nasl
2010-05-12Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006
File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl
2010-05-12Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-04-16Name : Mandriva Update for cups MDVSA-2010:073 (cups)
File : nvt/gb_mandriva_MDVSA_2010_073.nasl
2010-04-16Name : Mandriva Update for cups MDVSA-2010:073-1 (cups)
File : nvt/gb_mandriva_MDVSA_2010_073_1.nasl
2010-02-19Name : Mandriva Update for mandriva-doc MDVA-2010:072 (mandriva-doc)
File : nvt/gb_mandriva_MDVA_2010_072.nasl
2010-02-19Name : Mandriva Update for dhcp MDVA-2010:073 (dhcp)
File : nvt/gb_mandriva_MDVA_2010_073.nasl
2010-01-15Name : Mandriva Update for apache-conf MDVSA-2009:300-1 (apache-conf)
File : nvt/gb_mandriva_MDVSA_2009_300_1.nasl

Snort® IPS/IDS

DateDescription
2014-03-08Apple Safari Webkit attribute child removal code execution attempt
RuleID : 29623 - Type : BROWSER-WEBKIT - Revision : 1
2014-02-21Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 29436 - Type : FILE-MULTIMEDIA - Revision : 2
2014-02-21Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 29435 - Type : FILE-MULTIMEDIA - Revision : 2
2014-01-10Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 26472 - Type : FILE-MULTIMEDIA - Revision : 4
2014-01-10Apple QuickTime MPEG stream padding buffer overflow attempt
RuleID : 23581 - Type : FILE-MULTIMEDIA - Revision : 6
Hide | Show 5 More...
DateDescription
2014-01-10Apple QuickTime MPEG stream padding buffer overflow attempt
RuleID : 23170 - Type : FILE-MULTIMEDIA - Revision : 6
2014-01-10Apple OSX software update command execution attempt
RuleID : 21051 - Type : SERVER-WEBAPP - Revision : 5
2014-01-10Apple Safari Webkit attribute child removal code execution attempt
RuleID : 18958 - Type : BROWSER-WEBKIT - Revision : 6
2014-01-10Apple Safari Webkit attribute child removal code execution attempt
RuleID : 18957 - Type : BROWSER-WEBKIT - Revision : 5
2014-01-10Apple QuickTime pict image poly structure memory corruption attempt
RuleID : 15384 - Type : FILE-MULTIMEDIA - Revision : 11

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-08-13Name : The remote host is susceptible to a buffer overflow.
File : macosx_directory_srv_2013_0984.nasl - Type : ACT_DESTRUCTIVE_ATTACK
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1595.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0296.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1122.nasl - Type : ACT_GATHER_INFO
2013-06-29Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1595.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-06-05Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2013-002.nasl - Type : ACT_GATHER_INFO
2012-09-27Name : The remote device is affected by multiple vulnerabilities.
File : appletv_5_1.nasl - Type : ACT_GATHER_INFO
2012-09-20Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_5.nasl - Type : ACT_GATHER_INFO
2012-09-20Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_8_2.nasl - Type : ACT_GATHER_INFO
2012-09-20Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2012-004.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090312_icu_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090625_icu_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-05-16Name : The remote Windows host contains an application that may be affected by multi...
File : quicktime_772.nasl - Type : ACT_GATHER_INFO
2012-05-10Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO
2012-05-10Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2012-002.nasl - Type : ACT_GATHER_INFO
2011-10-28Name : The remote Windows host contains an application that may be affected by multi...
File : quicktime_771.nasl - Type : ACT_GATHER_INFO
2011-10-13Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_2.nasl - Type : ACT_GATHER_INFO
2011-10-13Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2011-006.nasl - Type : ACT_GATHER_INFO
2010-06-17Name : The remote host contains an application that is affected by multiple vulnerab...
File : itunes_9_2.nasl - Type : ACT_GATHER_INFO
2010-06-17Name : The remote host contains a multimedia application that has multiple vulnerabi...
File : itunes_9_2_banner.nasl - Type : ACT_GATHER_INFO
2010-06-08Name : The remote host contains a web browser that is affected by several vulnerabil...
File : safari_5_0.nasl - Type : ACT_GATHER_INFO
2010-06-08Name : The remote host contains a web browser that is affected by several vulnerabil...
File : macosx_Safari5_0.nasl - Type : ACT_GATHER_INFO
2010-04-15Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-073.nasl - Type : ACT_GATHER_INFO
2010-03-29Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO
2010-03-29Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO