Vulnerabilities > Apple > MAC OS X > 10.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-02-27 | CVE-2014-1258 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image. | 6.8 |
| 2014-02-27 | CVE-2014-1256 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 7.5 |
| 2014-02-27 | CVE-2014-1255 | Improper Input Validation vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages. | 7.5 |
| 2014-02-27 | CVE-2014-1254 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document. | 6.8 |
| 2014-01-24 | CVE-2014-1252 | Double Free vulnerability in Apple Iphone OS, mac OS X and Pages Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file. | 7.5 |
| 2013-10-04 | CVE-2013-5163 | Improper Authentication vulnerability in Apple mac OS X Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors. | 6.6 |
| 2013-09-19 | CVE-2011-2391 | Improper Input Validation vulnerability in Apple Iphone OS, Itunes and mac OS X The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. | 6.1 |
| 2013-09-16 | CVE-2013-1033 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access. | 5.5 |
| 2013-09-16 | CVE-2013-1032 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and Quicktime QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file. | 6.8 |
| 2013-09-16 | CVE-2013-1031 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restrictions by visiting an unattended workstation on which a locking failure had prevented the startup of the screen saver. | 3.3 |