Vulnerabilities > Apple > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-26 | CVE-2002-1372 | Unchecked Return Value vulnerability in multiple products Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | 7.5 |
| 2002-12-26 | CVE-2002-1371 | filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | 7.5 |
| 2002-12-26 | CVE-2002-1368 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | 7.5 |
| 2002-09-24 | CVE-2002-0376 | Buffer Overrun vulnerability in Apple Quicktime 5.0.2 Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. | 7.5 |
| 2002-08-12 | CVE-2002-0656 | Buffer Overflow vulnerability in OpenSSL SSLv3 Session ID Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. | 7.5 |
| 2002-08-12 | CVE-2002-0655 | Buffer Overflow vulnerability in OpenSSL ASCII Representation Of Integers OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
| 2002-07-11 | CVE-2002-0676 | Unspecified vulnerability in Apple mac OS X SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. | 7.5 |
| 2002-05-29 | CVE-2002-0252 | Remote Buffer Overflow vulnerability in Apple QuickTime Content-Type Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header. | 7.5 |
| 2001-12-31 | CVE-2001-1531 | Buffer Overflow vulnerability in Apple Claris Emailer 2.0V2 Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename. | 7.5 |
| 2001-12-31 | CVE-2001-1480 | Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard. | 7.5 |