
cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*

part: o version: 10.2.7 update: *

Vendor: Apple (c2b419d0-9f0f-51c1-88dc-2e204a98e1c7)
Product: Mac Os X (f0578782-d1e8-5b8d-b127-ce7d4203eaaf)
Edition: *
Language: *
Software edition: *
Target software: *
Target hardware: *
Other: *
Notes: Imported from NVD CPE 2.0 feed

PURL mappings

PURL | Source | Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale
CVE:CVE-2014-4460 vulnerable 2026-06-03 14:34:03.418524 Details available
CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.
Published: 2014-11-18T11:00:00.000Z
Updated: 2024-08-06T11:20:25.757Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-4458 vulnerable 2026-06-03 14:34:03.415434 Details available
The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Published: 2014-11-18T11:00:00.000Z
Updated: 2024-08-06T11:20:25.967Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-4453 vulnerable 2026-06-03 14:34:03.377446 Details available
Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Published: 2014-11-18T11:00:00.000Z
Updated: 2024-08-06T11:20:25.917Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-0984 vulnerable 2026-06-03 14:32:47.064902 Details available
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
Published: 2013-06-05T10:00:00.000Z
Updated: 2024-09-16T18:50:13.108Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3723 vulnerable 2026-06-03 14:32:01.283695 Details available
Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device.
Published: 2012-09-20T21:00:00.000Z
Updated: 2024-08-06T20:13:51.604Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3722 vulnerable 2026-06-03 14:32:01.279435 Details available
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
Published: 2012-09-20T21:00:00.000Z
Updated: 2024-08-06T20:13:51.716Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3721 vulnerable 2026-06-03 14:32:01.277120 Details available
Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Device Management private interface, which allows attackers to enumerate managed devices via unspecified vectors.
Published: 2012-09-20T21:00:00.000Z
Updated: 2024-08-06T20:13:51.635Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3720 vulnerable 2026-06-03 14:32:01.275265 Details available
Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 saves password hashes for external-account use even if external accounts are not enabled, which might allow remote attackers to determine passwords via unspecified access to a mobile account.
Published: 2012-09-20T21:00:00.000Z
Updated: 2024-09-16T17:08:01.000Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3719 vulnerable 2026-06-03 14:32:01.272131 Details available
Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows remote attackers to execute arbitrary plugin code via an e-mail message that triggers the loading of a third-party plugin.
Published: 2012-09-20T21:00:00.000Z
Updated: 2024-08-06T20:13:51.631Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3718 vulnerable 2026-06-03 14:32:01.205514 Details available
Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.
Published: 2012-09-20T21:00:00.000Z
Updated: 2024-08-06T20:13:51.624Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0675 vulnerable 2026-06-03 14:31:38.462620 Details available
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:54.182Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0662 vulnerable 2026-06-03 14:31:38.289673 Details available
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:53.808Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0660 vulnerable 2026-06-03 14:31:38.286012 Details available
Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:53.833Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0659 vulnerable 2026-06-03 14:31:38.282772 Details available
Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:54.001Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0658 vulnerable 2026-06-03 14:31:38.279584 Details available
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:53.773Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0657 vulnerable 2026-06-03 14:31:38.276142 Details available
Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:53.799Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0655 vulnerable 2026-06-03 14:31:38.272597 Details available
libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site that uses a short key.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:53.859Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0654 vulnerable 2026-06-03 14:31:38.269370 Details available
libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:53.819Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0650 vulnerable 2026-06-03 14:31:38.254309 Details available
Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Published: 2012-09-20T21:00:00.000Z
Updated: 2024-09-16T23:45:44.563Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0649 vulnerable 2026-06-03 14:31:38.191143 Details available
Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file.
Published: 2012-05-11T01:00:00.000Z
Updated: 2024-08-06T18:30:53.793Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3228 vulnerable 2026-06-03 14:31:12.857362 Details available
QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.003Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3227 vulnerable 2026-06-03 14:31:12.853657 Details available
libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) web site or (2) e-mail message.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.155Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3224 vulnerable 2026-06-03 14:31:12.849836 Details available
The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.309Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3223 vulnerable 2026-06-03 14:31:12.846138 Details available
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:55.831Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3222 vulnerable 2026-06-03 14:31:12.842364 Details available
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.316Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3221 vulnerable 2026-06-03 14:31:12.839170 Details available
QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.633Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3220 vulnerable 2026-06-03 14:31:12.835968 Details available
QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.579Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3218 vulnerable 2026-06-03 14:31:12.830804 Details available
The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.628Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3217 vulnerable 2026-06-03 14:31:12.827697 Details available
MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:55.419Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3216 vulnerable 2026-06-03 14:31:12.824357 Details available
The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:55.424Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3215 vulnerable 2026-06-03 14:31:12.821222 Details available
The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.297Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3214 vulnerable 2026-06-03 14:31:12.818075 Details available
IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:56.579Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-3213 vulnerable 2026-06-03 14:31:12.768293 Details available
The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T23:29:55.994Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-0231 vulnerable 2026-06-03 14:30:48.006860 Details available
CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T21:43:15.431Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-0230 vulnerable 2026-06-03 14:30:48.003798 Details available
Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T21:43:15.371Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-0229 vulnerable 2026-06-03 14:30:48.000666 Details available
Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T21:43:15.515Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-0224 vulnerable 2026-06-03 14:30:47.908504 Details available
CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.
Published: 2011-10-14T10:00:00.000Z
Updated: 2024-08-06T21:43:15.380Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-2835 vulnerable 2026-06-03 14:29:43.346810 Details available
The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors.
Published: 2009-11-10T19:00:00.000Z
Updated: 2024-08-07T06:07:37.338Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-2834 vulnerable 2026-06-03 14:29:43.344042 Details available
IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors.
Published: 2009-11-10T19:00:00.000Z
Updated: 2024-08-07T06:07:37.179Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-2825 vulnerable 2026-06-03 14:29:43.337446 Details available
Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Published: 2009-11-10T19:00:00.000Z
Updated: 2024-08-07T06:07:36.498Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-2823 vulnerable 2026-06-03 14:29:43.334334 Details available
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
Published: 2009-11-10T19:00:00.000Z
Updated: 2024-08-07T06:07:36.959Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-2820 vulnerable 2026-06-03 14:29:43.311969 Details available
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues.
Published: 2009-11-10T19:00:00.000Z
Updated: 2024-08-07T06:07:37.571Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-2808 vulnerable 2026-06-03 14:29:43.157617 Details available
Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response.
Published: 2009-11-10T19:00:00.000Z
Updated: 2024-08-07T06:07:35.945Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-1238 vulnerable 2026-06-03 14:29:28.692390 Details available
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable.
Published: 2009-04-02T17:00:00.000Z
Updated: 2024-08-07T05:04:49.425Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-1237 vulnerable 2026-06-03 14:29:28.689726 Details available
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.
Published: 2009-04-02T17:00:00.000Z
Updated: 2024-08-07T05:04:49.297Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-1236 vulnerable 2026-06-03 14:29:28.686860 Details available
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
Published: 2009-04-02T17:00:00.000Z
Updated: 2024-08-07T05:04:49.428Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-1235 vulnerable 2026-06-03 14:29:28.647209 Details available
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
Published: 2009-04-02T17:00:00.000Z
Updated: 2024-08-07T05:04:49.363Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-2307 not_vulnerable 2026-06-03 14:28:43.841585 Details available
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption.
Published: 2008-06-23T20:00:00.000Z
Updated: 2024-08-07T08:58:02.606Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1148 not_vulnerable 2026-06-03 14:28:39.363359 Details available
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.
Published: 2008-03-04T23:00:00.000Z
Updated: 2024-08-07T08:08:57.600Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1147 not_vulnerable 2026-06-03 14:28:39.358645 Details available
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.
Published: 2008-03-04T23:00:00.000Z
Updated: 2024-08-07T08:08:57.697Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1146 not_vulnerable 2026-06-03 14:28:39.266518 Details available
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning against OpenBSD's modification of BIND.
Published: 2008-03-04T23:00:00.000Z
Updated: 2024-08-07T08:08:57.711Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-3073 not_vulnerable 2026-06-03 14:28:10.158898 Details available
Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI.
Published: 2007-06-06T10:00:00.000Z
Updated: 2024-08-07T14:05:28.550Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-2389 not_vulnerable 2026-06-03 14:28:08.119090 Details available
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets.
Published: 2007-05-29T21:00:00.000Z
Updated: 2024-08-07T13:33:28.621Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-2388 not_vulnerable 2026-06-03 14:28:08.110157 Details available
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations.
Published: 2007-05-29T21:00:00.000Z
Updated: 2024-08-07T13:33:28.638Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2007-0729 vulnerable 2026-06-03 14:27:57.809427 Details available
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.
Published: 2007-04-24T16:00:00.000Z
Updated: 2024-08-07T12:26:54.485Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-6652 vulnerable 2026-06-03 14:27:53.835530 Details available
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
Published: 2006-12-20T02:00:00.000Z
Updated: 2024-08-07T20:33:59.901Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-4866 vulnerable 2026-06-03 14:27:44.225460 Details available
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
Published: 2006-09-19T19:00:00.000Z
Updated: 2024-09-16T18:43:30.512Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-1220 vulnerable 2026-06-03 14:27:23.693652 Details available
Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow.
Published: 2006-03-14T02:00:00.000Z
Updated: 2024-08-07T17:03:28.393Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-4504 vulnerable 2026-06-03 14:27:13.367633 Details available
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.
Published: 2005-12-22T23:00:00.000Z
Updated: 2024-08-07T23:46:05.526Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-2739 vulnerable 2026-06-03 14:27:03.139439 Details available
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
Published: 2005-11-01T11:00:00.000Z
Updated: 2024-08-07T22:45:02.099Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-2509 vulnerable 2026-06-03 14:27:02.241735 Details available
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
Published: 2005-08-19T04:00:00.000Z
Updated: 2024-08-07T22:30:01.053Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-1430 vulnerable 2026-06-03 14:26:59.332364 Details available
Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.
Published: 2005-05-03T04:00:00.000Z
Updated: 2024-09-16T23:27:08.202Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0974 vulnerable 2026-06-03 14:26:51.987174 Details available
Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
Published: 2005-05-12T04:00:00.000Z
Updated: 2024-08-07T21:35:58.988Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0973 vulnerable 2026-06-03 14:26:51.986363 Details available
Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.
Published: 2005-05-12T04:00:00.000Z
Updated: 2024-09-17T02:42:14.613Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0972 vulnerable 2026-06-03 14:26:51.985047 Details available
Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.
Published: 2005-05-12T04:00:00.000Z
Updated: 2024-09-16T18:23:17.247Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0971 vulnerable 2026-06-03 14:26:51.984015 Details available
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
Published: 2005-05-12T04:00:00.000Z
Updated: 2024-09-17T03:27:40.022Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0970 vulnerable 2026-06-03 14:26:51.977457 Details available
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.
Published: 2005-04-22T04:00:00.000Z
Updated: 2024-08-07T21:35:58.987Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0969 vulnerable 2026-06-03 14:26:51.976618 Details available
Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.
Published: 2005-05-12T04:00:00.000Z
Updated: 2024-09-16T16:28:23.683Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0373 vulnerable 2026-06-03 14:26:50.312490 Details available
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
Published: 2005-02-13T05:00:00.000Z
Updated: 2024-08-07T21:13:54.116Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0342 vulnerable 2026-06-03 14:26:50.102548 Details available
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
Published: 2005-02-10T05:00:00.000Z
Updated: 2024-08-07T21:13:53.348Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1123 vulnerable 2026-06-03 14:26:38.521005 Details available
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.
Published: 2004-12-05T05:00:00.000Z
Updated: 2024-08-08T00:39:00.816Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1089 vulnerable 2026-06-03 14:26:38.379125 Details available
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP, allows local users to access mailboxes of other users.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.823Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1088 vulnerable 2026-06-03 14:26:38.378180 Details available
Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.843Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1087 vulnerable 2026-06-03 14:26:38.377239 Details available
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.750Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1086 vulnerable 2026-06-03 14:26:38.376249 Details available
Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.875Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1085 vulnerable 2026-06-03 14:26:38.375299 Details available
Human Interface Toolbox (HIToolBox) for Apple Mac OS X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.864Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1084 vulnerable 2026-06-03 14:26:38.374259 Details available
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.910Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1083 vulnerable 2026-06-03 14:26:38.373249 Details available
Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.855Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-1081 vulnerable 2026-06-03 14:26:38.356134 Details available
The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.
Published: 2005-04-14T04:00:00.000Z
Updated: 2024-08-08T00:39:00.843Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0927 vulnerable 2026-06-03 14:26:37.523638 Details available
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.
Published: 2004-10-28T04:00:00.000Z
Updated: 2024-09-17T03:18:16.673Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0926 vulnerable 2026-06-03 14:26:37.522259 Details available
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
Published: 2004-10-28T04:00:00.000Z
Updated: 2024-09-16T20:02:32.497Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0924 vulnerable 2026-06-03 14:26:37.520467 Details available
NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not.
Published: 2004-10-28T04:00:00.000Z
Updated: 2024-09-16T18:18:56.420Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0923 vulnerable 2026-06-03 14:26:37.519120 Details available
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
Published: 2004-10-26T04:00:00.000Z
Updated: 2024-08-08T00:31:47.981Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0922 vulnerable 2026-06-03 14:26:37.509889 Details available
AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.
Published: 2004-10-28T04:00:00.000Z
Updated: 2024-09-17T01:16:42.579Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0921 vulnerable 2026-06-03 14:26:37.508849 Details available
AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.
Published: 2004-10-28T04:00:00.000Z
Updated: 2024-09-17T00:17:33.777Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0886 vulnerable 2026-06-03 14:26:37.311847 Details available
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
Published: 2004-10-26T04:00:00.000Z
Updated: 2024-08-08T00:31:47.875Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0803 vulnerable 2026-06-03 14:26:36.957626 Details available
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
Published: 2004-10-26T04:00:00.000Z
Updated: 2024-08-08T00:31:47.951Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0744 vulnerable 2026-06-03 14:26:36.710532 Details available
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
Published: 2004-08-12T04:00:00.000Z
Updated: 2024-08-08T00:31:47.091Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0743 vulnerable 2026-06-03 14:26:36.709520 Details available
Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak.
Published: 2004-08-12T04:00:00.000Z
Updated: 2024-08-08T00:31:46.920Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0428 vulnerable 2026-06-03 14:26:35.512311 Details available
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact.
Published: 2005-03-02T05:00:00.000Z
Updated: 2024-08-08T00:17:14.970Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0165 vulnerable 2026-06-03 14:26:34.534879 Details available
Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges.
Published: 2004-09-01T04:00:00.000Z
Updated: 2024-08-08T00:10:03.656Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2004-0090 vulnerable 2026-06-03 14:26:34.248491 Details available
Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors.
Published: 2005-04-15T04:00:00.000Z
Updated: 2024-09-17T02:42:08.074Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-1011 vulnerable 2026-06-03 14:26:27.116818 Details available
Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell.
Published: 2004-03-10T05:00:00.000Z
Updated: 2024-08-08T02:12:35.735Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-1006 vulnerable 2026-06-03 14:26:27.114067 Details available
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.
Published: 2004-03-10T05:00:00.000Z
Updated: 2024-08-08T02:12:35.567Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0895 vulnerable 2026-06-03 14:26:26.815385 Details available
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
Published: 2003-10-30T05:00:00.000Z
Updated: 2024-08-08T02:05:12.645Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0877 vulnerable 2026-06-03 14:26:26.797543 Details available
Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory.
Published: 2003-10-30T05:00:00.000Z
Updated: 2024-08-08T02:05:12.897Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0876 vulnerable 2026-06-03 14:26:26.792423 Details available
Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.
Published: 2003-10-30T05:00:00.000Z
Updated: 2024-08-08T02:05:12.744Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0804 vulnerable 2026-06-03 14:26:26.615908 Details available
The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.
Published: 2003-09-25T04:00:00.000Z
Updated: 2024-08-08T02:05:12.550Z
Reference links
Imported from gcve-enriched-dumps CVE data
