Vulnerabilities > Apple > MAC OS X > 10.3

DATE CVE VULNERABILITY TITLE RISK
2006-12-31 CVE-2006-6906 Local Security vulnerability in Mac OS X
Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900.
local
low complexity
apple
7.2
2006-12-20 CVE-2006-6652 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
network
low complexity
apple netbsd CWE-119
critical
9.0
2006-11-30 CVE-2006-6173 Local Memory Corruption vulnerability in Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter.
local
low complexity
apple
7.2
2006-11-30 CVE-2006-4412 Multiple Security vulnerability in Apple Mac OS X 2006-007
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects.
network
apple
6.8
2006-11-30 CVE-2006-4411 Multiple Security vulnerability in Apple Mac OS X 2006-007
The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors.
local
low complexity
apple
7.2
2006-11-30 CVE-2006-4407 Multiple Security vulnerability in Apple Mac OS X 2006-007
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to use a weaker cipher that makes it easier for remote attackers to decrypt traffic.
network
low complexity
apple
5.0
2006-11-30 CVE-2006-4406 Multiple Security vulnerability in Apple Mac OS X 2006-007
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
apple
7.5
2006-11-30 CVE-2006-4404 Multiple Security vulnerability in Apple Mac OS X 2006-007
The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges.
network
low complexity
apple
critical
10.0
2006-11-30 CVE-2006-4403 Multiple Security vulnerability in Apple Mac OS X 2006-007
The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames.
network
high complexity
apple
4.0
2006-11-30 CVE-2006-4402 Multiple Security vulnerability in Apple Mac OS X 2006-007
Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files.
network
high complexity
apple
5.1