The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information.
5.9AI Score
0.011EPSS
URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username and password credentials for mounting filesystems on SMB servers as command line arguments to the mount_sub command, which may allow local users to obtain sensitive information by listing the process.
5.7AI Score
0.0004EPSS
SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.
6.1AI Score
0.001EPSS
Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference".
7.7AI Score
0.058EPSS
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.
6AI Score
0.001EPSS
Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file.
7.6AI Score
0.017EPSS
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
7.1AI Score
0.0004EPSS
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
7.1AI Score
0.0004EPSS
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.
7.4AI Score
0.0004EPSS
Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue ...
8.2AI Score
0.595EPSS
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?...
9.2AI Score
0.041EPSS
Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet.
7.7AI Score
0.491EPSS
Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet.
7.7AI Score
0.07EPSS
WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.
7.4AI Score
0.167EPSS
CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializing headers via the setRequestHeader function. NO...
5.6AI Score
0.014EPSS
CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. NOTE: this can be leveraged for cross-site scripting (XSS...
5.7AI Score
0.008EPSS
Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture va...
6AI Score
0.003EPSS
Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet.
7.5AI Score
0.067EPSS
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary code by creating the port before launching the setuid program, then writing to the address space of t...
7.8CVSS
7.4AI Score
0.0004EPSS
Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.
7.6AI Score
0.765EPSS
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
9.8CVSS
9.8AI Score
0.687EPSS
Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386.
7.4AI Score
0.491EPSS
Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.
9.2AI Score
0.0004EPSS
Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table.
7.5AI Score
0.0004EPSS
Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value, w...
7.8CVSS
7.3AI Score
0.0004EPSS
Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow.
7.5AI Score
0.0004EPSS
Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama sample atom.
7.6AI Score
0.532EPSS
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.
7.7AI Score
0.943EPSS
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values.
7.7AI Score
0.801EPSS
AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted.
6.7AI Score
0.005EPSS
CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.
7AI Score
0.002EPSS
CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack.
6.8AI Score
0.016EPSS
Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy.
7.6AI Score
0.0004EPSS
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer.
7.6AI Score
0.004EPSS
Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory.
6.7AI Score
0.0004EPSS
Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call.
7.4AI Score
0.0004EPSS
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."
7.1AI Score
0.0004EPSS
Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request.
6.8AI Score
0.0004EPSS
The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files.
7AI Score
0.007EPSS
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.
6.8AI Score
0.014EPSS
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets.
7.6AI Score
0.049EPSS
Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
7.2AI Score
0.013EPSS
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
6.9AI Score
0.011EPSS
The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to "handling of keyboard focus between secure text fields."
7.6AI Score
0.004EPSS
Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.
6.8AI Score
0.014EPSS
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads.
6.8AI Score
0.013EPSS
Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari.
6.7AI Score
0.013EPSS
Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption.
7.5AI Score
0.026EPSS
Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors.
7AI Score
0.025EPSS
WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporary files securely when Safari is previewing a PDF file, which allows local users to read the contents of that file.
6.7AI Score
0.0005EPSS