Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*
There are 1,941 matching records.
Displaying matches 1,901 through 1,920.
Vuln ID Summary CVSS Severity
CVE-2006-3356

The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469.

Published: July 06, 2006; 4:05:00 PM -0400
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2006-1984

Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference.

Published: April 21, 2006; 6:02:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2006-1220

Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow.

Published: March 13, 2006; 9:02:00 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2005-0985

Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver.

Published: December 31, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-2194

Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing.

Published: December 31, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-4504

The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.

Published: December 22, 2005; 6:03:00 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2005-2739

Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.

Published: November 01, 2005; 7:47:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-2752

An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.

Published: November 01, 2005; 7:47:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-2509

Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.

Published: August 19, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-1260

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

Published: May 19, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-0969

Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.

Published: May 12, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2005-0971

Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.

Published: May 12, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2005-0972

Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.

Published: May 12, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-0973

Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.

Published: May 12, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0974

Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.

Published: May 12, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-1430

Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.

Published: May 03, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2005-0342

The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2005-0970

Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.

Published: May 02, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2005-0373

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

Published: October 07, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2004-0513

Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls."

Published: August 18, 2004; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH