Mac Os X Security Vulnerabilities and Issues — Mac Os X CVE List

Lucene search

AppleMac Os X

12 matches found

CVE•added 2003/11/17 5:0 a.m.•57 views

CVE-2003-0804

The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.

5CVSS6.6AI score0.00739EPSS

CVE•added 2003/11/03 5:0 a.m.•53 views

CVE-2003-0895

Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).

4.6CVSS7.7AI score0.00306EPSS

CVE•added 2003/11/03 5:0 a.m.•51 views

CVE-2003-0876

Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.

2.1CVSS6.5AI score0.00084EPSS

CVE•added 2003/11/03 5:0 a.m.•49 views

CVE-2003-0881

Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.

7.5CVSS7.5AI score0.00785EPSS

CVE•added 2003/11/17 5:0 a.m.•48 views

CVE-2001-1412

nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.

2.1CVSS6.5AI score0.00231EPSS

CVE•added 2003/11/03 5:0 a.m.•46 views

CVE-2003-0871

Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."

7.5CVSS7.2AI score0.00557EPSS

CVE•added 2003/11/03 5:0 a.m.•46 views

CVE-2003-0882

Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.

5CVSS7AI score0.00497EPSS

CVE•added 2003/11/03 5:0 a.m.•44 views

CVE-2003-0877

Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory.

4.6CVSS6.3AI score0.00068EPSS

CVE•added 2003/11/03 5:0 a.m.•44 views

CVE-2003-0883

The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system.

4.6CVSS6.5AI score0.00061EPSS

CVE•added 2003/11/17 5:0 a.m.•42 views

CVE-2001-1411

Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.

7.2CVSS7AI score0.00081EPSS

CVE•added 2003/11/03 5:0 a.m.•41 views

CVE-2003-0880

Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.

4.6CVSS6.7AI score0.00061EPSS

CVE•added 2003/11/03 5:0 a.m.•40 views

CVE-2003-0878

slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875.

2.1CVSS6.8AI score0.00242EPSS