Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Carboncore
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2320 1 Apple 3 Carboncore, Mac Os X, Mac Os X Server 2024-11-21 9.3 HIGH N/A
Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long filename to the file management API.
CVE-2011-0178 1 Apple 3 Carboncore, Mac Os X, Mac Os X Server 2024-02-28 2.1 LOW N/A
The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory.