Vulnerabilities > Apple > MAC OS X > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-03-15 | CVE-2004-0167 | Remote vulnerability in Multiple Apple Mac OS X Local And DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | 7.5 |
| 2003-11-17 | CVE-2001-1411 | Local Security vulnerability in Apple mac OS X 10.4.9 Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | 7.2 |
| 2003-11-03 | CVE-2003-0881 | Remote Security vulnerability in Mac OS X Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. | 7.5 |
| 2003-11-03 | CVE-2003-0871 | Apple Quicktime Java vulnerability in Apple Mac OS X 10.3 Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system." | 7.5 |
| 2003-10-06 | CVE-2003-0681 | Buffer Overflow vulnerability in Sendmail Ruleset Parsing A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | 7.5 |
| 2003-06-16 | CVE-2003-0378 | Unspecified vulnerability in Apple mac OS X The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. | 7.5 |
| 2003-06-09 | CVE-2003-0242 | Unspecified vulnerability in Apple mac OS X IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | 7.5 |
| 2003-05-05 | CVE-2003-0171 | Unspecified vulnerability in Apple mac OS X and mac OS X Server DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | 7.2 |
| 2003-03-03 | CVE-2003-0088 | Privilege Escalation vulnerability in Apple MacOS Classic TruBlueEnvironment Environment Variable TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | 7.2 |
| 2003-03-03 | CVE-2003-0049 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. | 7.5 |