Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-04 | CVE-2005-1331 | Multiple vulnerability in Apple Mac OS X The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. | 5.1 |
| 2005-05-04 | CVE-2005-1330 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. | 4.9 |
| 2005-05-03 | CVE-2005-1430 | Local Security vulnerability in Mac OS X Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | 3.6 |
| 2005-05-03 | CVE-2005-1343 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. | 7.2 |
| 2005-05-02 | CVE-2005-0975 | Local Integer Overflow vulnerability in Darwin Kernel Mach File Parsing Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header. | 2.1 |
| 2005-05-02 | CVE-2005-0970 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts. | 7.6 |
| 2005-05-02 | CVE-2005-0712 | Unspecified vulnerability in Apple mac OS X 10.1/10.2/10.3.4 Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. | 4.6 |
| 2005-05-02 | CVE-2005-0342 | Unspecified vulnerability in Apple mac OS X and mac OS X Server The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. | 2.1 |
| 2005-05-02 | CVE-2005-0127 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. | 5.0 |
| 2005-05-02 | CVE-2005-0126 | Remote Buffer Overflow vulnerability in Apple ColorSync ICC Header ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. | 7.5 |