Vulnerabilities > Apple > MAC OS X > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-19 | CVE-2005-2518 | Unspecified vulnerability in Apple mac OS X 10.3.9/10.4.2 Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | 7.5 |
2005-08-19 | CVE-2005-2516 | Unspecified vulnerability in Apple mac OS X and Safari Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands. | 7.5 |
2005-08-19 | CVE-2005-2514 | Unspecified vulnerability in Apple mac OS X 10.3.9 Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code. | 7.5 |
2005-08-19 | CVE-2005-2505 | Unspecified vulnerability in Apple mac OS X 10.3.9 Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation. | 7.5 |
2005-08-19 | CVE-2005-2504 | Unspecified vulnerability in Apple mac OS X and mac OS X Server The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid. | 7.2 |
2005-08-19 | CVE-2005-2501 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file. | 7.6 |
2005-06-16 | CVE-2005-1722 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. | 7.2 |
2005-06-13 | CVE-2005-1933 | Remote Security vulnerability in Apple mac OS X 10.4 Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | 7.5 |
2005-06-13 | CVE-2005-1474 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | 7.5 |
2005-05-17 | CVE-2005-1307 | Local Privilege Escalation vulnerability in Adobe Version Cue The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | 7.2 |