Vulnerabilities > Apple > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-07-07 | CVE-2004-0431 | Unspecified vulnerability in Apple Quicktime Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow. | 5.1 |
2004-07-07 | CVE-2004-0430 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | 5.1 |
2004-05-03 | CVE-2004-0428 | Large Input vulnerability in Apple Mac OS X CoreFoundation Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | 5.0 |
2004-03-29 | CVE-2003-1010 | Local Privilege Escalation vulnerability in Apple MacOS X fs_usage Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors. | 4.6 |
2004-03-29 | CVE-2003-1008 | Local Security vulnerability in Mac OS X Server Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application. | 4.6 |
2004-03-29 | CVE-2003-1007 | Unspecified vulnerability in Apple MacOS X AppleFileServer AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. | 5.0 |
2004-03-15 | CVE-2004-0169 | Remote Denial of Service vulnerability in Apple Darwin Streaming Server 4.1.3 QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function. | 5.0 |
2004-03-15 | CVE-2004-0166 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar." | 5.0 |
2004-03-15 | CVE-2004-0165 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | 5.0 |
2004-03-03 | CVE-2004-0089 | Local Buffer Overflow vulnerability in Apple mac OS X 10.2.8/10.3.9 Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable. | 4.6 |