Vulnerabilities > Apple > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2326 | Cryptographic Issues vulnerability in Apple mac OS X The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic. | 5.0 |
2002-12-26 | CVE-2002-1366 | Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. | 6.2 |
2002-12-11 | CVE-2002-1269 | Local Security vulnerability in Apple mac OS X 10.2.2 Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem. | 4.6 |
2002-12-11 | CVE-2002-1268 | Local Security vulnerability in Apple mac OS X 10.2.2 Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege Elevation via Mounting an ISO 9600 CD." | 4.6 |
2002-12-11 | CVE-2002-1267 | Denial-Of-Service vulnerability in Apple mac OS X 10.2.2 Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible." | 5.0 |
2002-12-11 | CVE-2002-1266 | Local Security vulnerability in Apple mac OS X 10.2.2 Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File." | 4.6 |
2002-11-12 | CVE-2002-1265 | Denial Of Service vulnerability in Multiple Vendor Sun RPC LibC TCP Time-Out The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). | 5.0 |
2002-11-04 | CVE-2002-0666 | Denial of Service vulnerability in Multiple Vendor IPSec Implementation IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. | 5.0 |
2002-08-12 | CVE-2002-0659 | Denial Of Service vulnerability in OpenSSL ASN.1 Parsing Error The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. | 5.0 |
2001-12-31 | CVE-2001-1575 | Authentication DoS vulnerability in Apple Personal web Sharing 1.1/1.5/1.5.5 Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow. | 5.0 |