Vulnerabilities > Apple > Critical

DATE CVE VULNERABILITY TITLE RISK
2004-03-15 CVE-2004-0168 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."
network
low complexity
apple
critical
10.0
2004-03-03 CVE-2004-0092 Unspecified vulnerability in Apple mac OS X 10.2.8/10.3.2
Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.
network
low complexity
apple
critical
10.0
2003-10-06 CVE-2003-0694 The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
network
low complexity
sendmail sgi apple compaq freebsd gentoo hp ibm netbsd sun turbolinux
critical
10.0
2003-08-27 CVE-2003-0502 Denial-Of-Service vulnerability in Darwin Streaming Server
Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a ..
network
low complexity
apple
critical
10.0
2003-08-27 CVE-2003-0466 Off-by-one Error vulnerability in multiple products
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
network
low complexity
wuftpd redhat apple sun freebsd netbsd openbsd CWE-193
critical
9.8
2003-08-27 CVE-2003-0426 Remote Security vulnerability in Apple Darwin Streaming Server 4.1.3
The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator.
network
low complexity
apple
critical
10.0
2003-08-27 CVE-2003-0421 Denial-Of-Service vulnerability in Apple Darwin Streaming Server 4.1.3
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g.
network
low complexity
apple
critical
10.0
2003-05-05 CVE-2003-0201 Remote Buffer Overflow vulnerability in Samba 'call_trans2open'
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
network
low complexity
samba samba-tng apple compaq hp sun
critical
10.0
2002-12-26 CVE-2002-1383 Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun.
network
low complexity
easy-software-products apple
critical
10.0
2002-12-26 CVE-2002-1369 Buffer Overflow vulnerability in CUPS strncat() Function Call
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
network
low complexity
easy-software-products apple
critical
10.0