Lucene search
K

405 matches found

Cvelist
Cvelist
added 2007/12/18 8:0 p.m.29 views

CVE-2007-5862

Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet...

6.8AI score0.02656EPSS
Exploits2References5
CVE
CVE
added 2007/12/18 8:0 p.m.50 views

CVE-2007-5862

The CVE-2007-5862 issue affects Mac OS X 10.4.x (up to 10.4.11) and Java for Mac OS X 10.4 Release 6. A crafted Java applet could bypass Keychain access controls and add or delete arbitrary Keychain items, enabling remote privilege escalation. The problem stems from improper verification of user ...

9.4CVSS6.8AI score0.02656EPSS
Exploits2References5Affected Software1
seebug.org
seebug.org
added 2007/12/18 12:0 a.m.29 views

Apple Mac OS X Keychain安全绕过漏洞

BUGTRAQ ID: 26877 CVE ID:CVE-2007-5862 CNCVE ID:CNCVE-20075862 Apple Mac OS X是一款商业性质的基于BSD的操作系统。 Apple Mac OS X在执行部分操作时不正确验证用户信任信息,远程攻击者可以利用漏洞进行安全绕过攻击,修改其他用户帐户等操作。 Keychain升级的访问检查可绕过,特定构建的JAVA APPLET可增加或删除用户keychain中的项目而不对用户进行任何提示操作。可能导致修改其他用户帐户等攻击。 Apple Mac OS X Server 10.4.11 Apple Mac OS X...

9.4CVSS6.4AI score0.02656EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2007/12/17 12:0 a.m.47 views

Mac OS X : Java for Mac OS X 10.4 Release 6

The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 6. The remote version of this software contains several security vulnerabilities that may allow a rogue Java applet to escalate its privileges and to add or remove arbitrary items from the user's...

10CVSS7.5AI score0.18185EPSS
Exploits7References17
seebug.org
seebug.org
added 2007/11/17 12:0 a.m.44 views

Apple Mac OS X v10.4.11之前版本多个安全漏洞

BUGTRAQ ID: 26444 CVECAN ID:...

10CVSS6.3AI score0.07452EPSS
Exploits2
Prion
Prion
added 2007/11/15 2:46 a.m.20 views

Default configuration

The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions...

7.5CVSS6.3AI score0.01759EPSS
Exploits1References8
Cvelist
Cvelist
added 2007/11/15 2:0 a.m.24 views

CVE-2007-4699

The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions...

7AI score0.01759EPSS
Exploits1References8
CVE
CVE
added 2007/11/15 2:0 a.m.49 views

CVE-2007-4699

CVE-2007-4699 involves Safari on Apple Mac OS X 10.4–10.4.10 where the default Safari configuration can add a private key to the keychain with permissions that allow other applications to access it without warning. This may bypass intended access restrictions and potentially leak credentials or e...

7.5CVSS7AI score0.01759EPSS
Exploits1References8Affected Software1
securityvulns
securityvulns
added 2007/05/07 12:0 a.m.95 views

safari's saved password at risk

I'd like to inform you that safari is prone to a vunlerability that allow a local user to steal safari's saved passwords by using some macosx componenets. More infos about this issue will be made available as soon as apple will provide a fix. I strongly recommend users remove all safari's saved...

1.6AI score
Exploits0
NVD
NVD
added 2006/05/12 9:2 p.m.11 views

CVE-2006-1446

Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked...

5CVSS6.2AI score0.02516EPSS
Exploits0References8
Prion
Prion
added 2006/05/12 9:2 p.m.16 views

Authentication flaw

Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked...

5CVSS6.4AI score0.02516EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2006/05/12 9:0 p.m.16 views

CVE-2006-1446

Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked...

6.2AI score0.02516EPSS
Exploits0References8
CVE
CVE
added 2006/05/12 9:0 p.m.54 views

CVE-2006-1446

Technical details for CVE-2006-1446 are not publicly available in the provided documents; monitor for updates.

5CVSS6.2AI score0.02516EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2006/05/12 12:0 a.m.68 views

[SA20077] Mac OS X Security Update Fixes Multiple Vulnerabilities

TITLE: Mac OS X Security Update Fixes Multiple Vulnerabilities SECUNIA ADVISORY ID: SA20077 VERIFY ADVISORY: http://secunia.com/advisories/20077/ CRITICAL: Highly critical IMPACT: Security Bypass, Exposure of sensitive information, DoS, System access WHERE: From remote OPERATING SYSTEM: Apple...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/11/08 12:0 a.m.24 views

Multiple MacOS X vulnerabilities

Invalid ownership information in 'Finder', invalid 'Update' functioning, memberd removed group membership unauthorized access, 'Keychain' password leak, 'Kernel' uninitialized memory leak...

4.7AI score
Exploits0References2Affected Software1
NVD
NVD
added 2005/11/01 12:47 p.m.21 views

CVE-2005-2739

Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password...

2.1CVSS6.3AI score0.00354EPSS
Exploits0References7
Cvelist
Cvelist
added 2005/11/01 11:0 a.m.25 views

CVE-2005-2739

Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password...

6.3AI score0.00354EPSS
Exploits0References7
CVE
CVE
added 2005/11/01 11:0 a.m.54 views

CVE-2005-2739

CVE-2005-2739 affects Keychain Access on Mac OS X 10.4.2 and earlier, where a password may remain visible if a keychain times out during viewing. This could allow someone with physical access to see the password. The issue is addressed by Apple in the Mac OS X 10.4.3 update (and related 10.4.x pa...

2.1CVSS6.3AI score0.00354EPSS
Exploits0References7Affected Software2
securityvulns
securityvulns
added 2005/11/01 12:0 a.m.78 views

APPLE-SA-2005-10-31 Mac OS X v10.4.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2005-10-31 Mac OS X v10.4.3 Mac OS X v10.4.3 and Mac OS X Server v10.4.3 are now available and deliver the following security enhancements: Finder CVE-ID: CVE-2005-2749 Available for: Mac OS X v10.4.2, Mac OS X Server v10.4.2 Impact: File...

4.6CVSS0.0038EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/11/01 12:0 a.m.35 views

Mac OS X 10.4.x < 10.4.3 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.4.x that is prior to 10.4.3. Mac OS X 10.4.3 contains several security fixes for : - Finder - Software Update - memberd - KeyChain - Kernel C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include"compat.inc"; ifdescription...

4.6CVSS5.3AI score0.0038EPSS
Exploits0References8
Rows per page
Query Builder