Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mac Os X Server Security Vulnerabilities - 2013

cve
cve

CVE-2013-0966

The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI.

6.3AI Score

0.003EPSS

2013-03-15 08:55 PM
38
cve
cve

CVE-2013-0967

CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site.

6.2AI Score

0.001EPSS

2013-03-15 08:55 PM
32
cve
cve

CVE-2013-0971

Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted ink annotations in a PDF document.

7.6AI Score

0.012EPSS

2013-03-15 08:55 PM
33
cve
cve

CVE-2013-0973

Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView, which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream.

6.5AI Score

0.002EPSS

2013-03-15 08:55 PM
31
cve
cve

CVE-2013-0975

Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

7.8AI Score

0.035EPSS

2013-06-05 02:39 PM
32
cve
cve

CVE-2013-0982

The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation.

6.3AI Score

0.0004EPSS

2013-06-05 02:39 PM
44
cve
cve

CVE-2013-0984

Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.

7.5AI Score

0.042EPSS

2013-06-05 02:39 PM
37
cve
cve

CVE-2013-0990

SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, allows remote authenticated users to create or modify files outside of a shared directory via unspecified vectors.

5.8AI Score

0.002EPSS

2013-06-05 02:39 PM
29
cve
cve

CVE-2013-1024

CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

7.4AI Score

0.01EPSS

2013-06-05 02:39 PM
30