This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/o:apple:mac_os_x:10.5.1 |
| Detail | |||
|---|---|---|---|
| Vendor | Apple | First view | 2007-12-05 |
| Product | Mac Os X | Last view | 2012-09-20 |
| Version | 10.5.1 | Type | Os |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/o:apple:mac_os_x | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4.6 | 2012-09-20 | CVE-2012-3723 | Local | Low | None Requ... | |
| 6.8 | 2012-09-20 | CVE-2012-3722 | Network | Medium | None Requ... | |
| 5 | 2012-09-20 | CVE-2012-3721 | Network | Low | None Requ... | |
| 4.3 | 2012-09-20 | CVE-2012-3720 | Network | Medium | None Requ... | |
| 6.8 | 2012-09-20 | CVE-2012-3719 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 2.1 | 2012-09-20 | CVE-2012-3718 | Local | Low | None Requ... | |
| 7.5 | 2012-09-20 | CVE-2012-0650 | Network | Low | None Requ... | |
| 4.3 | 2012-05-10 | CVE-2012-0675 | Network | Medium | None Requ... | |
| 7.5 | 2012-05-10 | CVE-2012-0662 | Network | Low | None Requ... | |
| 6.8 | 2012-05-10 | CVE-2012-0660 | Network | Medium | None Requ... | |
| 6.8 | 2012-05-10 | CVE-2012-0659 | Network | Medium | None Requ... | |
| 6.8 | 2012-05-10 | CVE-2012-0658 | Network | Medium | None Requ... | |
| 2.1 | 2012-05-10 | CVE-2012-0657 | Local | Low | None Requ... | |
| 6.4 | 2012-05-10 | CVE-2012-0655 | Network | Low | None Requ... | |
| 6.8 | 2012-05-10 | CVE-2012-0654 | Network | Medium | None Requ... | |
| 6.9 | 2012-05-10 | CVE-2012-0649 | Local | Medium | None Requ... | |
| 7.6 | 2011-11-15 | CVE-2011-1516 | Network | High | None Requ... | |
| 7.6 | 2011-11-15 | CVE-2008-7303 | Network | High | None Requ... | |
| 6.8 | 2011-10-14 | CVE-2011-3228 | Network | Medium | None Requ... | |
| 6.8 | 2011-10-14 | CVE-2011-3227 | Network | Medium | None Requ... | |
| 2.6 | 2011-10-14 | CVE-2011-3224 | Network | High | None Requ... | |
| 6.8 | 2011-10-14 | CVE-2011-3223 | Network | Medium | None Requ... | |
| 6.8 | 2011-10-14 | CVE-2011-3222 | Network | Medium | None Requ... | |
| 6.8 | 2011-10-14 | CVE-2011-3221 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 20% (28) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 18% (25) | CWE-264 | Permissions, Privileges, and Access Controls |
| 9% (13) | CWE-399 | Resource Management Errors |
| 8% (12) | CWE-189 | Numeric Errors |
| 8% (11) | CWE-20 | Improper Input Validation |
| % | id | Name |
|---|---|---|
| 6% (9) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 5% (7) | CWE-200 | Information Exposure |
| 5% (7) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 3% (5) | CWE-310 | Cryptographic Issues |
| 3% (5) | CWE-287 | Improper Authentication |
| 2% (3) | CWE-362 | Race Condition |
| 2% (3) | CWE-255 | Credentials Management |
| 2% (3) | CWE-16 | Configuration |
| 1% (2) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (1) | CWE-134 | Uncontrolled Format String |
| 0% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
CAPEC : Common Attack Pattern Enumeration & Classificatio
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Name |
|---|---|
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-7 | Blind SQL Injection |
| CAPEC-8 | Buffer Overflow in an API Call |
| CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
| CAPEC-10 | Buffer Overflow via Environment Variables |
| id | Name |
|---|---|
| CAPEC-13 | Subverting Environment Variable Values |
| CAPEC-14 | Client-side Injection-induced Buffer Overflow |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| CAPEC-24 | Filter Failure through Buffer Overflow |
| CAPEC-28 | Fuzzing |
| CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
| CAPEC-32 | Embedding Scripts in HTTP Query Strings |
| CAPEC-37 | Lifting Data Embedded in Client Distributions |
| CAPEC-42 | MIME Conversion |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-45 | Buffer Overflow via Symbolic Links |
| CAPEC-46 | Overflow Variables and Tags |
| CAPEC-47 | Buffer Overflow via Parameter Expansion |
| CAPEC-52 | Embedding NULL Bytes |
| CAPEC-53 | Postfix, Null Terminate, and Backslash |
| CAPEC-54 | Probing an Application Through Targeting its Error Reporting |
| CAPEC-63 | Simple Script Injection |
| CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
| CAPEC-65 | Passively Sniff and Capture Application Code Bound for Authorized Client |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:10824 | The International Components for Unicode (ICU) library in Apple Mac OS X befo... |
| oval:org.mitre.oval:def:11366 | International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, ... |
| oval:org.mitre.oval:def:7499 | ColorSync in Apple Safari Heap Buffer Overflow Vulnerability |
| oval:org.mitre.oval:def:9153 | The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6... |
| oval:org.mitre.oval:def:7037 | WebKit 'removeChild()' Remote Code Execution Vulnerability |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 77203 | Apple Mac OS X Multiple Sandbox Profile Process Restriction launchctl Network... |
| 77202 | Apple Mac OS X Multiple Sandbox Profile Process Restriction osascript Network... |
| 76380 | Apple Mac OS X QuickTime FLIC File Handling Overflow |
| 76379 | Apple Mac OS X QuickTime FlashPix File Handling Overflow |
| 76378 | Apple Mac OS X QuickTime Movie File Atom Hierarchy Handling Remote Code Execu... |
| id | Description |
|---|---|
| 76377 | Apple Mac OS X QuickTime Movie File URL Data Handlers Handling Memory Disclosure |
| 76375 | Apple Mac OS X User Documentation App Store Help Content MitM Weakness Remote... |
| 76373 | Apple Mac OS X QuickTime Save for Web Export MitM Weakness XSS |
| 76372 | Apple Mac OS X Multiple QuickTime Movie File Handling Memory Corruption |
| 76368 | Apple Mac OS X MediaKit Multiple Disk Image Handling Memory Corruption |
| 76367 | Apple Mac OS X libsecurity Nonstandard Certificate Revocation Website / Email... |
| 76366 | Apple Mac OS X Kernel Sticky Bit Directory Arbitrary File Deletion |
| 76365 | Apple Mac OS X Kernel Firewall DMA Protection Weakness Password Disclosure |
| 76364 | Apple Mac OS X IOGraphics Apple Cinema Displays Screen Lock Bypass |
| 76363 | Apple Mac OS X File Systems WebDAV Volume Handling HTTPS Server Certificate W... |
| 76360 | Apple Mac OS X CoreMedia Multiple QuickTime Movie File Handling Memory Corrup... |
| 76359 | Apple Mac OS X CFNetwork Cookie Policy Synchronization Cookie Block Bypass |
| 76358 | Apple Mac OS X ATS ATSFontDeactivate API Overflow |
| 76357 | Apple Mac OS X ATS Out-of-bounds Read Type 1 Font Handling Remote Code Execution |
| 63471 | Apple Safari WebKit Attribute Child Removal Arbitrary Remote Code Execution |
| 63409 | Apple Mac OS X PS Normalizer PostScript File Handling Overflow |
| 63405 | Apple Mac OS X Mail Deleted Mail Account Rule Persistence Weakness |
| 63404 | Apple Mac OS X Disk Images bzip2 Compressed Disk Image Handling Memory Corrup... |
| 63399 | Apple Mac OS X OS Services SFLServer Unspecified Local Privilege Escalation |
| 63398 | Apple Mac OS X Disk Images Internet Enabled Image Mounting Menu Extras Plugin... |
Milw0rm Exploits
| id | Description |
|---|---|
| 2009-03-23 | Mac OS X xnu <= 1228.x (hfs-fcntl) Local Kernel Root Exploit |
| 2009-03-23 | Mac OS X xnu <=1228.x (vfssysctl) Local Kernel DoS PoC |
| 2009-03-23 | Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC |
| 2009-03-23 | Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS |
| 2009-03-23 | Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC |
| id | Description |
|---|---|
| 4690 | Apple Mac OS X 10.5.0 (leopard) vpnd Remote Denial of Service PoC |
ExploitDB Exploits
| id | Description |
|---|---|
| 20705 | SAP Netweaver Dispatcher 7.0 EHP1/2 Multiple Vulnerabilities |
| 18853 | SAP Netweaver Dispatcher Multiple Vulnerabilities |
Metasploit Exploits
| id | Description |
|---|---|
| 2007-12-17 | Apple OS X Software Update Command Execution |
