Vulnerabilities > Apple > MAC OS X > 10.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-03 | CVE-2015-3720 | Information Exposure vulnerability in Apple mac OS X The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app. | 4.3 |
| 2015-07-03 | CVE-2015-3719 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694. | 6.8 |
| 2015-07-03 | CVE-2015-3718 | Multiple Security vulnerability in Apple Mac OS X Prior to 10.10.4 systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue. network apple | 6.8 |
| 2015-07-03 | CVE-2015-3717 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 7.5 |
| 2015-07-03 | CVE-2015-3716 | Command Injection vulnerability in Apple mac OS X Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library. | 4.4 |
| 2015-07-03 | CVE-2015-3715 | 7PK - Security Features vulnerability in Apple mac OS X The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library. | 6.8 |
| 2015-07-03 | CVE-2015-3714 | 7PK - Security Features vulnerability in Apple mac OS X Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app. | 5.0 |
| 2015-07-03 | CVE-2015-3713 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and Quicktime QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file. | 6.8 |
| 2015-07-03 | CVE-2015-3712 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app. | 9.3 |
| 2015-07-03 | CVE-2015-3711 | Information Exposure vulnerability in Apple mac OS X The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. | 4.3 |