Search Results (Refine Search)
- CPE Product Version: cpe:/o:apple:mac_os_x:10.9.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-1314 |
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application. Published: April 23, 2014; 7:52:59 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2014-1315 |
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL. Published: April 23, 2014; 7:52:59 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2014-1296 |
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction. Published: April 23, 2014; 7:52:59 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2014-1295 |
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." Published: April 23, 2014; 7:52:59 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-7338 |
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function. Published: April 22, 2014; 10:23:34 AM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2013-5704 |
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." Published: April 15, 2014; 6:55:11 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-0106 |
Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable. Published: March 11, 2014; 3:37:03 PM -0400 |
V3.x:(not available) V2.0: 6.6 MEDIUM |
CVE-2014-2234 |
A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application. Published: March 05, 2014; 12:11:22 AM -0500 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2014-1912 |
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. Published: February 28, 2014; 7:55:05 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6712 |
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification. Published: November 27, 2013; 11:37:39 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2011-2391 |
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. Published: September 19, 2013; 6:27:53 AM -0400 |
V3.x:(not available) V2.0: 6.1 MEDIUM |
CVE-2013-3951 |
sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering attack or an attack against a setuid Mac OS X program. Published: June 05, 2013; 10:39:55 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2013-2777 |
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. Published: April 08, 2013; 1:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2013-2776 |
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. Published: April 08, 2013; 1:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2013-1776 |
sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. Published: April 08, 2013; 1:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2013-1775 |
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. Published: March 05, 2013; 4:38:56 PM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2012-1148 |
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. Published: July 03, 2012; 3:55:02 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-5078 |
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document. Published: June 30, 2011; 11:55:01 AM -0400 |
V3.0: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
CVE-2009-5044 |
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. Published: June 24, 2011; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |