Total
817 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-3702 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. | |||||
CVE-2004-0923 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2023-12-10 | 2.1 LOW | N/A |
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords. | |||||
CVE-2006-0399 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. | |||||
CVE-2004-0539 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 10.0 HIGH | N/A |
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code. | |||||
CVE-2003-0198 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 6.4 MEDIUM | N/A |
Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. | |||||
CVE-2004-1085 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 2.1 LOW | N/A |
Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. | |||||
CVE-2003-0876 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 2.1 LOW | N/A |
Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended. | |||||
CVE-2003-1008 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application. | |||||
CVE-2003-0913 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access." | |||||
CVE-2003-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 4.6 MEDIUM | N/A |
The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. | |||||
CVE-2004-0744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | |||||
CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | |||||
CVE-2004-1088 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. | |||||
CVE-2004-0165 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | |||||
CVE-2004-1081 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 2.1 LOW | N/A |
The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | |||||
CVE-2004-0486 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.6 HIGH | N/A |
HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. | |||||
CVE-2004-1089 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. | |||||
CVE-2004-1832 | 1 Apple | 1 Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660. | |||||
CVE-2003-1006 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | |||||
CVE-2003-1007 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. |