Filtered by vendor Apple
Subscriptions
Filtered by product Mac Os X
Subscriptions
Total
5567 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-2502 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file. | ||||
CVE-2005-2503 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window. | ||||
CVE-2005-2526 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2024-08-07 | N/A |
CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | ||||
CVE-2005-2506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates. | ||||
CVE-2005-2505 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation. | ||||
CVE-2005-2194 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing. | ||||
CVE-2005-1933 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | ||||
CVE-2005-1726 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions." | ||||
CVE-2005-1689 | 4 Apple, Debian, Mit and 1 more | 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more | 2024-08-07 | 9.8 Critical |
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | ||||
CVE-2005-1728 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. | ||||
CVE-2005-1474 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | ||||
CVE-2005-1330 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. | ||||
CVE-2005-1343 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. | ||||
CVE-2005-1336 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | ||||
CVE-2005-1341 | 1 Apple | 3 Mac Os X, Mac Os X Server, Terminal | 2024-08-07 | N/A |
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. | ||||
CVE-2005-1337 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | ||||
CVE-2005-1342 | 1 Apple | 2 Mac Os X, Terminal | 2024-08-07 | N/A |
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. | ||||
CVE-2005-1331 | 1 Apple | 3 Applescript, Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. | ||||
CVE-2005-1335 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." | ||||
CVE-2005-1332 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. |