Vulnerabilities > Apple > MAC OS X > 10.3.5

DATE CVE VULNERABILITY TITLE RISK
2015-08-16 CVE-2015-3772 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.
local
low complexity
apple CWE-119
7.2
2015-08-16 CVE-2015-3771 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.
local
low complexity
apple CWE-119
7.2
2015-08-16 CVE-2015-3770 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.
network
apple CWE-119
critical
9.3
2015-08-16 CVE-2015-3769 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3771 and CVE-2015-3772.
local
low complexity
apple CWE-119
7.2
2015-08-16 CVE-2015-3768 Numeric Errors vulnerability in Apple Iphone OS and mac OS X
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.
network
apple CWE-189
critical
9.3
2015-08-16 CVE-2015-3767 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
udf in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.
local
low complexity
apple CWE-264
7.2
2015-08-16 CVE-2015-3766 Information Exposure vulnerability in Apple Iphone OS and mac OS X
The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app.
network
apple CWE-200
4.3
2015-08-16 CVE-2015-3764 Information Exposure vulnerability in Apple mac OS X
Notification Center in Apple OS X before 10.10.5 does not properly remove dismissed notifications, which allows attackers to read arbitrary notifications via a crafted app.
network
apple CWE-200
4.3
2015-08-16 CVE-2015-3762 Information Exposure vulnerability in Apple mac OS X
The Text Formats component in Apple OS X before 10.10.5, as used in TextEdit, allows remote attackers to read arbitrary files via a text file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
network
low complexity
apple CWE-200
5.0
2015-08-16 CVE-2015-3761 Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X
The kernel in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain privileges via unspecified vectors.
local
low complexity
apple CWE-264
7.2