Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2002-12-11 CVE-2002-1270 Local Security vulnerability in Apple mac OS X 10.2.2
Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call.
local
low complexity
apple
2.1
2002-12-11 CVE-2002-1269 Local Security vulnerability in Apple mac OS X 10.2.2
Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem.
local
low complexity
apple
4.6
2002-12-11 CVE-2002-1268 Local Security vulnerability in Apple mac OS X 10.2.2
Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege Elevation via Mounting an ISO 9600 CD."
local
low complexity
apple
4.6
2002-12-11 CVE-2002-1267 Denial-Of-Service vulnerability in Apple mac OS X 10.2.2
Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible."
network
low complexity
apple
5.0
2002-12-11 CVE-2002-1266 Local Security vulnerability in Apple mac OS X 10.2.2
Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File."
local
low complexity
apple
4.6
2002-11-12 CVE-2002-1265 Denial Of Service vulnerability in Multiple Vendor Sun RPC LibC TCP Time-Out
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
network
low complexity
gnu sgi apple
5.0
2002-11-04 CVE-2002-0666 Denial of Service vulnerability in Multiple Vendor IPSec Implementation
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
5.0
2002-09-24 CVE-2002-0376 Buffer Overrun vulnerability in Apple Quicktime 5.0.2
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.
network
low complexity
apple
7.5
2002-08-12 CVE-2002-0659 Denial Of Service vulnerability in OpenSSL ASN.1 Parsing Error
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
network
low complexity
openssl oracle apple
5.0
2002-08-12 CVE-2002-0656 Buffer Overflow vulnerability in OpenSSL SSLv3 Session ID
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
network
low complexity
openssl oracle apple
7.5