Mac Os X Security Vulnerabilities
The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions."
6.8AI Score
0.001EPSS
MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.
5.8AI Score
0.0004EPSS
Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474.
7AI Score
0.005EPSS
Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing.
6.2AI Score
0.047EPSS
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.
9.7AI Score
0.003EPSS
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
9.6AI Score
0.004EPSS
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
9AI Score
0.001EPSS
The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.
9.4AI Score
0.0004EPSS
Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation.
9.9AI Score
0.008EPSS
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.
9.1AI Score
0.003EPSS
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
8.8AI Score
0.0004EPSS
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
9.4AI Score
0.001EPSS
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window.
9.7AI Score
0.002EPSS
Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.
9.4AI Score
0.0004EPSS
Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields.
9.3AI Score
0.002EPSS
Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.
9.3AI Score
0.0004EPSS
Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to access links from the RSS Visualizer even when a password is required.
8.9AI Score
0.0004EPSS
Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.
9.7AI Score
0.003EPSS
Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.
9.4AI Score
0.001EPSS
Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
9.9AI Score
0.041EPSS
slpd in Directory Services in Mac OS X 10.3.9 creates insecure temporary files as root, which allows local users to gain privileges.
9AI Score
0.0004EPSS
The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.
9.5AI Score
0.0005EPSS
Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors.
9.3AI Score
0.0004EPSS
Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.
9.6AI Score
0.011EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
8AI Score
0.008EPSS
Safari after 2.0 in Apple Mac OS X 10.3.9 allows remote attackers to bypass domain restrictions via crafted web archives that cause Safari to render them as if they came from a different site.
8.5AI Score
0.002EPSS
CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).
9.2AI Score
0.007EPSS
CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection.
9AI Score
0.007EPSS
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
6.6AI Score
0.0004EPSS
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
6.3AI Score
0.0004EPSS
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
6.3AI Score
0.002EPSS
Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators.
6.1AI Score
0.0004EPSS
SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wak...
6.4AI Score
0.001EPSS
The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code.
7.2AI Score
0.007EPSS
Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file.
7.5AI Score
0.055EPSS
Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information.
8.5AI Score
0.002EPSS
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
6.2AI Score
0.002EPSS
Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file.
7.6AI Score
0.077EPSS
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.
6AI Score
0.0004EPSS
Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability.
6.5AI Score
0.001EPSS
memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group.
6.6AI Score
0.001EPSS
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.
6.2AI Score
0.001EPSS
Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."
8.1AI Score
0.119EPSS
Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors.
7.2AI Score
0.001EPSS
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.
6.5AI Score
0.011EPSS
System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL).
6.7AI Score
0.03EPSS
Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.
8.1AI Score
0.119EPSS
Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory.
7.9AI Score
0.015EPSS
Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes.
7.8AI Score
0.033EPSS
Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequenc...
6.8AI Score
0.001EPSS