Vulnerabilities > Apple > MAC OS X > 10.3.1

DATE CVE VULNERABILITY TITLE RISK
2015-08-16 CVE-2015-3774 Improper Input Validation vulnerability in Apple mac OS X
The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.
low complexity
apple CWE-20
4.8
2015-08-16 CVE-2015-3773 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
network
low complexity
apple CWE-119
7.5
2015-08-16 CVE-2015-3772 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.
local
low complexity
apple CWE-119
7.2
2015-08-16 CVE-2015-3771 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.
local
low complexity
apple CWE-119
7.2
2015-08-16 CVE-2015-3770 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.
network
apple CWE-119
critical
9.3
2015-08-16 CVE-2015-3769 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772.
local
low complexity
apple CWE-119
7.2
2015-08-16 CVE-2015-3768 Numeric Errors vulnerability in Apple Iphone OS and mac OS X
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.
network
apple CWE-189
critical
9.3
2015-08-16 CVE-2015-3767 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
local
low complexity
apple CWE-264
7.2
2015-08-16 CVE-2015-3766 Information Exposure vulnerability in Apple Iphone OS and mac OS X
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.
network
apple CWE-200
4.3
2015-08-16 CVE-2015-3764 Information Exposure vulnerability in Apple mac OS X
Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app.
network
apple CWE-200
4.3