Vulnerabilities > Apple > MAC OS X > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-26 | CVE-2002-1372 | Unchecked Return Value vulnerability in multiple products Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | 7.5 |
| 2002-12-26 | CVE-2002-1371 | filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | 7.5 |
| 2002-12-26 | CVE-2002-1368 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | 7.5 |
| 2002-08-12 | CVE-2002-0656 | Buffer Overflow vulnerability in OpenSSL SSLv3 Session ID Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. | 7.5 |
| 2002-08-12 | CVE-2002-0655 | Buffer Overflow vulnerability in OpenSSL ASCII Representation Of Integers OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
| 2002-07-11 | CVE-2002-0676 | Unspecified vulnerability in Apple mac OS X SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. | 7.5 |
| 2001-12-06 | CVE-2001-0720 | Unspecified vulnerability in Apple mac OS X 10.4.9 Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | 7.5 |
| 2001-10-17 | CVE-2001-1447 | Privilege Escalation vulnerability in MacOS X NetInfo Manager NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. | 7.2 |
| 2001-09-11 | CVE-2001-1446 | Unspecified vulnerability in Apple mac OS X Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories. | 7.5 |