Total
5557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0655 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2008-09-10 | 7.5 HIGH | N/A |
| OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2007-3828 | 1 Apple | 1 Mac Os X | 2008-09-05 | 10.0 HIGH | N/A |
| Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386. | |||||
| CVE-2007-0710 | 1 Apple | 2 Ichat, Mac Os X | 2008-09-05 | 2.1 LOW | N/A |
| The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614. | |||||
| CVE-2007-0647 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.1 HIGH | N/A |
| Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function. | |||||
| CVE-2007-0614 | 1 Apple | 3 Ichat, Instant Message Framework, Mac Os X | 2008-09-05 | 7.8 HIGH | N/A |
| The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key. | |||||
| CVE-2006-6353 | 1 Apple | 3 Bomarchivehelper, Mac Os X, Mac Os X Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer". | |||||
| CVE-2006-4866 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | |||||
| CVE-2005-3782 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 2.1 LOW | N/A |
| Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. | |||||
| CVE-2005-2748 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 2.1 LOW | N/A |
| The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application. | |||||
| CVE-2005-2746 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. | |||||
| CVE-2005-2745 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information. | |||||
| CVE-2005-2743 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2008-09-05 | 7.5 HIGH | N/A |
| The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-2742 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 4.6 MEDIUM | N/A |
| SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting. | |||||
| CVE-2005-2526 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2008-09-05 | 5.0 MEDIUM | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | |||||
| CVE-2005-2525 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2008-09-05 | 5.0 MEDIUM | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). | |||||
| CVE-2005-2524 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2008-09-05 | 5.0 MEDIUM | N/A |
| Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site. | |||||
| CVE-2005-2523 | 1 Apple | 2 Mac Os X, Weblog Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-2522 | 1 Apple | 2 Mac Os X, Safari | 2008-09-05 | 5.1 MEDIUM | N/A |
| Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file. | |||||
| CVE-2005-2521 | 1 Apple | 1 Mac Os X | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-2520 | 1 Apple | 1 Mac Os X | 2008-09-05 | 2.1 LOW | N/A |
| The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords. | |||||