Vulnerabilities > Apple > Critical

DATE CVE VULNERABILITY TITLE RISK
2005-07-18 CVE-2005-1689 Double Free vulnerability in multiple products
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
network
low complexity
mit apple debian CWE-415
critical
9.8
2005-02-09 CVE-2004-0962 Unspecified vulnerability in Apple Remote Desktop 2.0.0
Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching.
network
low complexity
apple
critical
10.0
2005-01-27 CVE-2004-0926 Multiple Security vulnerability in Apple Mac OS X
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
network
low complexity
easy-software-products apple
critical
10.0
2004-12-31 CVE-2004-2687 Configuration vulnerability in multiple products
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
network
apple samba CWE-16
critical
9.3
2004-12-31 CVE-2004-2154 Improper Handling of Case Sensitivity vulnerability in multiple products
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
network
low complexity
apple canonical CWE-178
critical
9.8
2004-12-31 CVE-2004-0429 Remote Security vulnerability in Apple mac OS X 10.2.8/10.3.3
Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors.
network
low complexity
apple
critical
10.0
2004-12-31 CVE-2004-0090 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors.
network
low complexity
apple
critical
10.0
2004-08-18 CVE-2004-0513 Security vulnerability in Apple Mac OS X
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls."
network
low complexity
apple
critical
10.0
2004-08-06 CVE-2004-0539 Unspecified vulnerability in Apple mac OS X and mac OS X Server
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code.
network
low complexity
apple
critical
10.0
2004-03-29 CVE-2003-1009 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.
network
low complexity
apple
critical
10.0