Mac Os X@10.8.4 Security Vulnerabilities and Issues — Page 2 of Mac Os X@10.8.4 CVE List

Lucene search

AppleMac Os X10.8.4

59 matches found

CVE•added 2013/10/24 3:48 a.m.•38 views

CVE-2013-5189

Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security configuration after the compl...

5.8CVSS6.2AI score0.0017EPSS

CVE•added 2013/10/24 3:48 a.m.•37 views

CVE-2013-5165

socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a network connection to an application for which blocking was configured.

6.4CVSS6.2AI score0.00154EPSS

CVE•added 2013/10/24 3:48 a.m.•37 views

CVE-2013-5182

Mail in Apple Mac OS X before 10.9 allows remote attackers to spoof the existence of a cryptographic signature for an e-mail message by using the multipart/signed content type within an unsigned message.

5CVSS6.2AI score0.00345EPSS

CVE•added 2013/10/24 3:48 a.m.•36 views

CVE-2013-5167

CFNetwork in Apple Mac OS X before 10.9 does not properly support Safari's deletion of session cookies in response to a reset operation, which makes it easier for remote web servers to track users via Set-Cookie HTTP headers.

5CVSS6.3AI score0.00351EPSS

CVE•added 2013/10/24 3:48 a.m.•36 views

CVE-2013-5173

The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy exclusive access for processing of large requests, which allows local users to cause a denial of service (temporary generator outage) via an application that requires many random numbers.

2.1CVSS5.9AI score0.00131EPSS

CVE•added 2013/10/24 3:48 a.m.•36 views

CVE-2013-5183

Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by sniffing the network.

2.6CVSS5.9AI score0.00443EPSS

CVE•added 2013/06/05 2:39 p.m.•35 views

CVE-2013-3952

The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle.

2.1CVSS5.8AI score0.00133EPSS

CVE•added 2013/10/24 3:48 a.m.•35 views

CVE-2013-5169

CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive information by reading the screen.

1.9CVSS5.4AI score0.00131EPSS

CVE•added 2013/10/24 3:48 a.m.•35 views

CVE-2013-5175

The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file.

6.6CVSS5.7AI score0.00138EPSS

Total number of security vulnerabilities59