Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
There are 1,945 matching records.
Displaying matches 1,941 through 1,945.
Vuln ID Summary CVSS Severity

The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.

Published: August 12, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM

SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates.

Published: July 11, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH

Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command.

Published: December 31, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW

Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.

Published: December 06, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 3.6 LOW

NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.

Published: October 17, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH