Vulnerabilities > Apple > MAC OS X > 10.3.5

DATE CVE VULNERABILITY TITLE RISK
2015-04-10 CVE-2015-1137 Multiple Security vulnerability in Apple Mac OS X Prior to 10.10.3
The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type.
local
low complexity
apple
7.2
2015-04-10 CVE-2015-1136 Multiple Security vulnerability in Apple Mac OS X Prior to 10.10.3
Use-after-free vulnerability in CoreAnimation in Apple OS X before 10.10.3 allows remote attackers to execute arbitrary code by leveraging improper use of a mutex.
network
apple
6.8
2015-04-10 CVE-2015-1135 Improper Input Validation vulnerability in Apple mac OS X
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1134.
local
low complexity
apple CWE-20
7.2
2015-04-10 CVE-2015-1134 Improper Input Validation vulnerability in Apple mac OS X
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135.
local
low complexity
apple CWE-20
7.2
2015-04-10 CVE-2015-1133 Improper Input Validation vulnerability in Apple mac OS X
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135.
local
low complexity
apple CWE-20
7.2
2015-04-10 CVE-2015-1132 Improper Input Validation vulnerability in Apple mac OS X
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.
network
low complexity
apple CWE-20
critical
10.0
2015-04-10 CVE-2015-1131 Improper Input Validation vulnerability in Apple mac OS X
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.
local
low complexity
apple CWE-20
7.2
2015-04-10 CVE-2015-1130 7PK - Security Features vulnerability in Apple mac OS X
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
local
low complexity
apple CWE-254
7.2
2015-04-10 CVE-2015-1118 Unspecified vulnerability in Apple Iphone OS, mac OS X and Tvos
libnetcore in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to cause a denial of service (memory corruption and application crash) via a crafted configuration profile.
network
low complexity
apple
5.0
2015-04-10 CVE-2015-1117 Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS, mac OS X and Tvos
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.
local
apple CWE-264
6.9