Vulnerabilities > Apple > MAC OS X > 10.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-10-09 | CVE-2015-5913 | Improper Access Control vulnerability in Apple mac OS X Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request. | 6.8 |
| 2015-10-09 | CVE-2015-5902 | Multiple Security vulnerability in Apple Mac OS X Prior to 10.11 The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local users to cause a denial of service via unspecified vectors. | 4.9 |
| 2015-10-09 | CVE-2015-5901 | Information Exposure vulnerability in Apple mac OS X The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive. | 2.1 |
| 2015-10-09 | CVE-2015-5900 | 7PK - Security Features vulnerability in Apple mac OS X The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value, which allows attackers to cause a denial of service (boot failure) via a crafted app that writes to an unintended address. | 7.1 |
| 2015-10-09 | CVE-2015-5897 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The Address Book framework in Apple OS X before 10.11 allows local users to gain privileges by using an environment variable to inject code into processes that rely on this framework. | 4.6 |
| 2015-10-09 | CVE-2015-5894 | Code vulnerability in Apple mac OS X The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | 4.3 |
| 2015-10-09 | CVE-2015-5893 | Information Exposure vulnerability in Apple mac OS X SMBClient in SMB in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. | 2.1 |
| 2015-10-09 | CVE-2015-5891 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors. | 7.2 |
| 2015-10-09 | CVE-2015-5890 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5873. | 7.2 |
| 2015-10-09 | CVE-2015-5889 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X rsh in the remote_cmds component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving environment variables. | 7.2 |