Filtered by vendor Apple
Subscribe
Total
11189 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0088 | 1 Apple | 1 Mac Os X | 2008-09-11 | 7.2 HIGH | N/A |
| TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | |||||
| CVE-2003-0049 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-11 | 7.5 HIGH | N/A |
| Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. | |||||
| CVE-2005-2503 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 4.6 MEDIUM | N/A |
| AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window. | |||||
| CVE-2005-2502 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 5.1 MEDIUM | N/A |
| Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file. | |||||
| CVE-2005-1430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 3.6 LOW | N/A |
| Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | |||||
| CVE-2005-0712 | 1 Apple | 1 Mac Os X | 2008-09-10 | 4.6 MEDIUM | N/A |
| Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. | |||||
| CVE-2004-1122 | 1 Apple | 1 Safari | 2008-09-10 | 7.5 HIGH | N/A |
| Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314. | |||||
| CVE-2004-0988 | 1 Apple | 1 Quicktime | 2008-09-10 | 5.0 MEDIUM | N/A |
| Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. | |||||
| CVE-2004-0925 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate. | |||||
| CVE-2004-0092 | 1 Apple | 1 Mac Os X | 2008-09-10 | 10.0 HIGH | N/A |
| Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact. | |||||
| CVE-2004-0088 | 1 Apple | 1 Mac Os X | 2008-09-10 | 2.1 LOW | N/A |
| The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087. | |||||
| CVE-2004-0086 | 1 Apple | 1 Mac Os X | 2008-09-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085. | |||||
| CVE-2003-1005 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. | |||||
| CVE-2003-0871 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system." | |||||
| CVE-2003-0804 | 3 Apple, Freebsd, Openbsd | 4 Mac Os X, Mac Os X Server, Freebsd and 1 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. | |||||
| CVE-2003-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 4.6 MEDIUM | N/A |
| The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. | |||||
| CVE-2003-0425 | 1 Apple | 1 Darwin Streaming Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request. | |||||
| CVE-2003-0424 | 1 Apple | 1 Darwin Streaming Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi. | |||||
| CVE-2003-0423 | 1 Apple | 1 Darwin Streaming Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter. | |||||
| CVE-2003-0422 | 1 Apple | 1 Darwin Streaming Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters. | |||||