National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.2.7
There are 1,470 matching records.
Displaying matches 1461 through 1470.
Vuln ID Summary CVSS Severity
CVE-2003-1011

Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell.

Published: March 29, 2004; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2004-0165

Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges.

Published: March 15, 2004; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2003-0804

The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.

Published: November 17, 2003; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2003-0876

Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.

Published: November 03, 2003; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2003-0877

Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory.

Published: November 03, 2003; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2003-0878

slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875.

Published: November 03, 2003; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2003-0880

Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.

Published: November 03, 2003; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-2003-0881

Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.

Published: November 03, 2003; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2003-0882

Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.

Published: November 03, 2003; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2003-0895

Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).

Published: November 03, 2003; 12:00:00 AM -05:00
V2: 4.6 MEDIUM