Vulnerabilities > Apple > MAC OS X
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-10-06 | CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | 10.0 |
| 2003-10-06 | CVE-2003-0681 | Buffer Overflow vulnerability in Sendmail Ruleset Parsing A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | 7.5 |
| 2003-08-27 | CVE-2003-0466 | Off-by-one Error vulnerability in multiple products Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | 9.8 |
| 2003-08-18 | CVE-2003-0518 | Unspecified vulnerability in Apple mac OS X and mac OS X Server The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. | 4.6 |
| 2003-06-16 | CVE-2003-0378 | Unspecified vulnerability in Apple mac OS X The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. | 7.5 |
| 2003-06-09 | CVE-2003-0242 | Unspecified vulnerability in Apple mac OS X IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | 7.5 |
| 2003-05-05 | CVE-2003-0201 | Remote Buffer Overflow vulnerability in Samba 'call_trans2open' Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | 10.0 |
| 2003-05-05 | CVE-2003-0198 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. | 6.4 |
| 2003-05-05 | CVE-2003-0171 | Unspecified vulnerability in Apple mac OS X and mac OS X Server DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | 7.2 |
| 2003-03-03 | CVE-2003-0088 | Privilege Escalation vulnerability in Apple MacOS Classic TruBlueEnvironment Environment Variable TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | 7.2 |