Mac OS X
by Apple Inc.
CVEs (2,090)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6173 | 0.03 | — | 0.01 | Nov 30, 2006 | Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the… | |||
| CVE-2006-6130 | 0.03 | — | 0.01 | Nov 28, 2006 | Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket. | |||
| CVE-2006-6129 | 0.03 | — | 0.01 | Nov 27, 2006 | Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption. | |||
| CVE-2006-6062 | 0.03 | — | 0.05 | Nov 22, 2006 | Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. | |||
| CVE-2006-6015 | 0.03 | — | 0.04 | Nov 21, 2006 | Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression. | |||
| CVE-2006-5836 | 0.03 | — | 0.01 | Nov 10, 2006 | The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized file type. | |||
| CVE-2006-4392 | 0.03 | — | 0.02 | Oct 3, 2006 | The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread… | |||
| CVE-2006-3507 | 0.03 | — | 0.01 | Sep 21, 2006 | Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network. | |||
| CVE-2006-4866 | 0.03 | — | 0.01 | Sep 19, 2006 | Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | |||
| CVE-2005-2713 | 0.03 | — | 0.01 | Dec 31, 2005 | passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. | |||
| CVE-2005-2508 | 0.03 | — | 0.01 | Aug 19, 2005 | dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts. | |||
| CVE-2005-2523 | 0.03 | — | 0.01 | Aug 19, 2005 | Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||
| CVE-2005-1725 | 0.03 | — | 0.01 | Jun 8, 2005 | launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory. | |||
| CVE-2005-1307 | 0.03 | — | 0.04 | May 17, 2005 | The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled… | |||
| CVE-2005-0342 | 0.03 | — | 0.01 | May 2, 2005 | The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. | |||
| CVE-2005-0713 | 0.03 | — | 0.01 | Mar 21, 2005 | The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. | |||
| CVE-2005-0716 | 0.03 | — | 0.01 | Mar 21, 2005 | Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. | |||
| CVE-2004-0824 | 0.03 | — | 0.01 | Dec 31, 2004 | PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | |||
| CVE-2003-1006 | 0.03 | — | 0.01 | Mar 29, 2004 | Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | |||
| CVE-2001-1412 | 0.03 | — | 0.01 | Nov 17, 2003 | nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument. |
- CVE-2006-6173Nov 30, 2006risk 0.03cvss —epss 0.01
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the…
- CVE-2006-6130Nov 28, 2006risk 0.03cvss —epss 0.01
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket.
- CVE-2006-6129Nov 27, 2006risk 0.03cvss —epss 0.01
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
- CVE-2006-6062Nov 22, 2006risk 0.03cvss —epss 0.05
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.
- CVE-2006-6015Nov 21, 2006risk 0.03cvss —epss 0.04
Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression.
- CVE-2006-5836Nov 10, 2006risk 0.03cvss —epss 0.01
The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized file type.
- CVE-2006-4392Oct 3, 2006risk 0.03cvss —epss 0.02
The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread…
- CVE-2006-3507Sep 21, 2006risk 0.03cvss —epss 0.01
Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network.
- CVE-2006-4866Sep 19, 2006risk 0.03cvss —epss 0.01
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
- CVE-2005-2713Dec 31, 2005risk 0.03cvss —epss 0.01
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
- CVE-2005-2508Aug 19, 2005risk 0.03cvss —epss 0.01
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
- CVE-2005-2523Aug 19, 2005risk 0.03cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
- CVE-2005-1725Jun 8, 2005risk 0.03cvss —epss 0.01
launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.
- CVE-2005-1307May 17, 2005risk 0.03cvss —epss 0.04
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled…
- CVE-2005-0342May 2, 2005risk 0.03cvss —epss 0.01
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
- CVE-2005-0713Mar 21, 2005risk 0.03cvss —epss 0.01
The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges.
- CVE-2005-0716Mar 21, 2005risk 0.03cvss —epss 0.01
Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
- CVE-2004-0824Dec 31, 2004risk 0.03cvss —epss 0.01
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files.
- CVE-2003-1006Mar 29, 2004risk 0.03cvss —epss 0.01
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.
- CVE-2001-1412Nov 17, 2003risk 0.03cvss —epss 0.01
nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.
Page 36 of 105