Vulnerabilities > Apple > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-12 | CVE-2005-1579 | Information Disclosure vulnerability in Apple Quicktime 7.0 Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. | 5.0 |
2005-05-12 | CVE-2005-0971 | Unspecified vulnerability in Apple mac OS X Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. | 4.6 |
2005-05-12 | CVE-2005-0969 | Unspecified vulnerability in Apple mac OS X Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters. | 4.6 |
2005-05-04 | CVE-2005-1341 | Multiple vulnerability in Apple Mac OS X Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. | 5.1 |
2005-05-04 | CVE-2005-1338 | Local Security vulnerability in Apple mac OS X 10.3.9 Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. | 4.6 |
2005-05-04 | CVE-2005-1336 | Local Security vulnerability in Apple mac OS X 10.3.9 Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | 4.6 |
2005-05-04 | CVE-2005-1333 | Directory Traversal vulnerability in Apple mac OS X 10.3.9 Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. | 5.0 |
2005-05-04 | CVE-2005-1331 | Multiple vulnerability in Apple Mac OS X The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. | 5.1 |
2005-05-04 | CVE-2005-1330 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. | 4.9 |
2005-05-02 | CVE-2005-1106 | Denial-Of-Service vulnerability in Apple Quicktime Pictureviewer 6.5.2 PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (application crash) via a GIF image with the maximum depth start value, possibly triggering an integer overflow. | 5.0 |