Vulnerabilities > Apple > Medium

DATE CVE VULNERABILITY TITLE RISK
2004-07-07 CVE-2004-0430 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.
network
high complexity
apple
5.1
2004-05-03 CVE-2004-0428 Large Input vulnerability in Apple Mac OS X CoreFoundation
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact.
network
low complexity
apple
5.0
2004-03-29 CVE-2003-1010 Local Privilege Escalation vulnerability in Apple MacOS X fs_usage
Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors.
local
low complexity
apple
4.6
2004-03-29 CVE-2003-1008 Local Security vulnerability in Mac OS X Server
Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application.
local
low complexity
apple
4.6
2004-03-29 CVE-2003-1007 Unspecified vulnerability in Apple MacOS X AppleFileServer
AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact.
network
low complexity
apple
5.0
2004-03-15 CVE-2004-0169 Remote Denial of Service vulnerability in Apple Darwin Streaming Server 4.1.3
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.
network
low complexity
apple
5.0
2004-03-15 CVE-2004-0166 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar."
network
low complexity
apple
5.0
2004-03-15 CVE-2004-0165 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges.
network
low complexity
apple
5.0
2004-03-03 CVE-2004-0089 Local Buffer Overflow vulnerability in Apple mac OS X 10.2.8/10.3.9
Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable.
local
low complexity
apple
4.6
2004-03-03 CVE-2004-0086 Unspecified vulnerability in Apple mac OS X 10.3.2
Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085.
network
low complexity
apple
5.0