Vulnerabilities > Apple > MAC OS X > 10.3.5

DATE CVE VULNERABILITY TITLE RISK
2015-08-17 CVE-2015-5754 Race Condition vulnerability in Apple mac OS X
Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages incorrect privilege dropping associated with a locking error.
network
apple CWE-362
critical
9.3
2015-08-17 CVE-2015-5750 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters.
network
low complexity
apple CWE-119
7.5
2015-08-17 CVE-2015-5748 Code vulnerability in Apple Iphone OS, mac OS X and Safari
The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.
local
low complexity
apple CWE-17
2.1
2015-08-17 CVE-2015-5747 Resource Management Errors vulnerability in Apple mac OS X
The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial of service (resource consumption) via unspecified vectors.
local
low complexity
apple CWE-399
4.9
2015-08-17 CVE-2015-3807 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos
libxml2 in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted XML document.
network
apple CWE-119
4.3
2015-08-17 CVE-2015-3806 Improper Access Control vulnerability in Apple Iphone OS and mac OS X
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file.
local
low complexity
apple CWE-284
7.2
2015-08-17 CVE-2015-3805 Improper Input Validation vulnerability in Apple Iphone OS and mac OS X
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802.
local
low complexity
apple CWE-20
7.2
2015-08-17 CVE-2015-3804 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775.
network
low complexity
apple CWE-119
7.5
2015-08-17 CVE-2015-3803 Improper Input Validation vulnerability in Apple Iphone OS and mac OS X
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file.
local
low complexity
apple CWE-20
7.2
2015-08-17 CVE-2015-3802 Improper Input Validation vulnerability in Apple Iphone OS and mac OS X
Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805.
local
low complexity
apple CWE-20
7.2