Vulnerabilities > Apple > MAC OS X > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-26 | CVE-2002-1366 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. | 6.2 |
| 2002-12-11 | CVE-2002-1269 | Local Security vulnerability in Apple mac OS X 10.2.2 Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem. | 4.6 |
| 2002-12-11 | CVE-2002-1268 | Local Security vulnerability in Apple mac OS X 10.2.2 Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege Elevation via Mounting an ISO 9600 CD." | 4.6 |
| 2002-12-11 | CVE-2002-1267 | Denial-Of-Service vulnerability in Apple mac OS X 10.2.2 Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible." | 5.0 |
| 2002-12-11 | CVE-2002-1266 | Local Security vulnerability in Apple mac OS X 10.2.2 Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File." | 4.6 |
| 2002-11-12 | CVE-2002-1265 | Denial Of Service vulnerability in Multiple Vendor Sun RPC LibC TCP Time-Out The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). | 5.0 |
| 2002-11-04 | CVE-2002-0666 | Denial of Service vulnerability in Multiple Vendor IPSec Implementation IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. | 5.0 |
| 2002-08-12 | CVE-2002-0659 | Denial Of Service vulnerability in OpenSSL ASN.1 Parsing Error The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. | 5.0 |