Vulnerabilities > Apple > MAC OS X > 10.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-10-09 | CVE-2015-5888 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The Install Framework Legacy component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving a privileged executable file. | 7.2 |
| 2015-10-09 | CVE-2015-5887 | Code vulnerability in Apple mac OS X The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data. | 10.0 |
| 2015-10-09 | CVE-2015-5884 | Information Exposure vulnerability in Apple mac OS X The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attachments, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during transmission of an S/MIME e-mail message with a large attachment. | 3.3 |
| 2015-10-09 | CVE-2015-5883 | Improper Input Validation vulnerability in Apple mac OS X The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 10.11 interpret directional override formatting characters differently, which allows remote attackers to spoof the content of a text document via a crafted character sequence. | 5.0 |
| 2015-10-09 | CVE-2015-5878 | Information Exposure vulnerability in Apple mac OS X Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive information via unspecified vectors. | 2.1 |
| 2015-10-09 | CVE-2015-5877 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5830. | 7.2 |
| 2015-10-09 | CVE-2015-5875 | Cross-site Scripting vulnerability in Apple mac OS X Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before 10.11 allows local users to inject arbitrary web script or HTML via crafted text. | 2.1 |
| 2015-10-09 | CVE-2015-5873 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5872, and CVE-2015-5890. | 7.2 |
| 2015-10-09 | CVE-2015-5872 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5871, CVE-2015-5873, and CVE-2015-5890. | 7.2 |
| 2015-10-09 | CVE-2015-5871 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890. | 7.2 |