Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-09-16 | CVE-2013-1033 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Screen Lock in Apple Mac OS X before 10.8.5 does not properly track sessions, which allows remote authenticated users to bypass locking by leveraging screen-sharing access. | 5.5 |
| 2013-09-16 | CVE-2013-1032 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and Quicktime QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file. | 6.8 |
| 2013-09-16 | CVE-2013-1031 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restrictions by visiting an unattended workstation on which a locking failure had prevented the startup of the screen saver. | 3.3 |
| 2013-09-16 | CVE-2013-1030 | Information Exposure vulnerability in Apple mac OS X mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process. | 2.1 |
| 2013-09-16 | CVE-2013-1029 | Improper Input Validation vulnerability in Apple mac OS X The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser. | 4.9 |
| 2013-09-16 | CVE-2013-1028 | Improper Input Validation vulnerability in Apple Iphone OS and mac OS X The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate. | 5.8 |
| 2013-09-16 | CVE-2013-1027 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Installer in Apple Mac OS X before 10.8.5 provides an option to continue a package's installation after encountering a revoked certificate, which might allow user-assisted remote attackers to execute arbitrary code via a crafted package. | 6.8 |
| 2013-09-16 | CVE-2013-1026 | Buffer Errors vulnerability in Apple Iphone OS and mac OS X Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. | 6.8 |
| 2013-09-16 | CVE-2013-1025 | Buffer Errors vulnerability in Apple Iphone OS and mac OS X Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document. | 6.8 |
| 2013-09-12 | CVE-2013-5324 | Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3361, CVE-2013-3362, and CVE-2013-3363. | 10.0 |