Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-24 | CVE-2013-5192 | Improper Input Validation vulnerability in Apple mac OS X The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number. | 4.9 |
| 2013-10-24 | CVE-2013-5191 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions. | 2.1 |
| 2013-10-24 | CVE-2013-5190 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure. | 4.3 |
| 2013-10-24 | CVE-2013-5189 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security configuration after the completion of an update. | 5.8 |
| 2013-10-24 | CVE-2013-5188 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The Screen Lock implementation in Apple Mac OS X before 10.9, when hibernation and autologin are enabled, does not require a password for a transition out of hibernation, which allows physically proximate attackers to obtain access by visiting an unattended workstation in the hibernating state. | 4.0 |
| 2013-10-24 | CVE-2013-5187 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state. | 1.9 |
| 2013-10-24 | CVE-2013-5186 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Power Management in Apple Mac OS X before 10.9 does not properly handle the interaction between locking and power assertions, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state. | 2.1 |
| 2013-10-24 | CVE-2013-5185 | Cryptographic Issues vulnerability in Apple mac OS X The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network. | 4.3 |
| 2013-10-24 | CVE-2013-5184 | Resource Management Errors vulnerability in Apple mac OS X The kernel in Apple Mac OS X before 10.9 does not properly check for errors during the processing of multicast Wi-Fi packets, which allows remote attackers to cause a denial of service (system crash) by leveraging presence in an 802.11 network's coverage area. | 5.7 |
| 2013-10-24 | CVE-2013-5183 | Information Exposure vulnerability in Apple mac OS X Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by sniffing the network. | 2.6 |