Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*
There are 1,904 matching records.
Displaying matches 1,881 through 1,900.
Vuln ID Summary CVSS Severity
CVE-2007-0430

The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value.

Published: January 22, 2007; 9:28:00 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2006-6906

Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900.

Published: December 31, 2006; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-4396

The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack.

Published: November 30, 2006; 11:28:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2006-4400

Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files.

Published: November 30, 2006; 11:28:00 AM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2006-4401

Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI.

Published: November 30, 2006; 11:28:00 AM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2006-4402

Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files.

Published: November 30, 2006; 11:28:00 AM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2006-4403

The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames.

Published: November 30, 2006; 11:28:00 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2006-4404

The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges.

Published: November 30, 2006; 11:28:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2006-6173

Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter.

Published: November 30, 2006; 11:28:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-4887

Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.

Published: September 19, 2006; 5:07:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-3356

The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469.

Published: July 06, 2006; 4:05:00 PM -0400
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2006-1984

Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference.

Published: April 21, 2006; 6:02:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-0985

Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver.

Published: December 31, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-2194

Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing.

Published: December 31, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-2752

An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.

Published: November 01, 2005; 7:47:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-1260

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

Published: May 19, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2004-0513

Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls."

Published: August 18, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2004-0430

Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.

Published: July 07, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2003-0878

slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875.

Published: November 03, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2003-0880

Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.

Published: November 03, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM