Vulnerabilities > Apple > MAC OS X > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-12 | CVE-2005-0972 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters. | 7.2 |
2005-05-04 | CVE-2005-1342 | Multiple vulnerability in Apple Mac OS X The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. | 7.5 |
2005-05-04 | CVE-2005-1340 | Remote Security vulnerability in Apple mac OS X 10.3.9 The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy. | 7.5 |
2005-05-04 | CVE-2005-1339 | Remote Security vulnerability in Mac OS X Server lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. | 7.5 |
2005-05-04 | CVE-2005-1337 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | 7.5 |
2005-05-04 | CVE-2005-1335 | Local Security vulnerability in Mac OS X Server Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." | 7.2 |
2005-05-04 | CVE-2005-1332 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. | 7.5 |
2005-05-03 | CVE-2005-1343 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. | 7.2 |
2005-05-02 | CVE-2005-0970 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts. | 7.6 |
2005-05-02 | CVE-2005-0126 | Remote Buffer Overflow vulnerability in Apple ColorSync ICC Header ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. | 7.5 |