Vulnerabilities > Apple > MAC OS X > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-10-07 | CVE-2005-0373 | Remote And Local vulnerability in Cyrus SASL Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | 7.5 |
2004-09-07 | CVE-2004-0823 | OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. | 7.5 |
2004-09-07 | CVE-2004-0822 | Environment Variable Buffer Overflow vulnerability in Apple CoreFoundation Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | 7.2 |
2004-08-18 | CVE-2004-0518 | Remote Security vulnerability in Apple Mac OS X Server Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. | 7.5 |
2004-08-18 | CVE-2004-0514 | Security vulnerability in Apple Mac OS X Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | 7.2 |
2004-08-06 | CVE-2004-0538 | Unspecified vulnerability in Apple mac OS X and mac OS X Server LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | 7.5 |
2004-07-07 | CVE-2004-0486 | Remote Code Execution vulnerability in Apple Mac OS X Help Protocol HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. | 7.6 |
2004-05-04 | CVE-2004-0383 | Unspecified vulnerability in Apple mac OS X 10.2.8/10.3.3 Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email." | 7.2 |
2004-05-04 | CVE-2004-0382 | Unspecified vulnerability in Apple mac OS X 10.2.8/10.3.3 Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting. | 7.2 |
2004-03-29 | CVE-2003-1011 | Local Root Privilege Elevation vulnerability in MacOS X Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell. | 7.2 |