Vulnerabilities > Apple > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-06-16 | CVE-2003-0270 | Unspecified vulnerability in Apple 802.11N 7.3.1 The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections. | 7.6 |
| 2003-06-09 | CVE-2003-0242 | Unspecified vulnerability in Apple mac OS X IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | 7.5 |
| 2003-05-05 | CVE-2003-0171 | Unspecified vulnerability in Apple mac OS X and mac OS X Server DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | 7.2 |
| 2003-04-02 | CVE-2003-0168 | Unspecified vulnerability in Apple Quicktime 5.0/6.0 Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. | 7.5 |
| 2003-03-07 | CVE-2003-0055 | Buffer Overrun vulnerability in Apple Quicktime/Darwin MP3 Broadcaster Filename Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. | 7.5 |
| 2003-03-07 | CVE-2003-0054 | Unspecified vulnerability in Apple products Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. | 7.5 |
| 2003-03-07 | CVE-2003-0050 | Unspecified vulnerability in Apple products parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters. | 7.5 |
| 2003-03-03 | CVE-2003-0088 | Privilege Escalation vulnerability in Apple MacOS Classic TruBlueEnvironment Environment Variable TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | 7.2 |
| 2003-03-03 | CVE-2003-0049 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. | 7.5 |
| 2002-12-31 | CVE-2002-2373 | Configuration vulnerability in Apple TCP IP Configuration Utility 12640 The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. | 7.5 |