Mac OS X
by Apple Inc.
CVEs (2,090)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-2746 | 0.00 | — | 0.01 | Oct 26, 2005 | Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. | |||
| CVE-2005-2748 | 0.00 | — | 0.00 | Oct 25, 2005 | The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application. | |||
| CVE-2005-2744 | 0.00 | — | 0.04 | Oct 25, 2005 | Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file. | |||
| CVE-2005-2747 | 0.00 | — | 0.05 | Oct 25, 2005 | Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file. | |||
| CVE-2005-2514 | 0.00 | — | 0.03 | Aug 19, 2005 | Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code. | |||
| CVE-2005-2522 | 0.00 | — | 0.04 | Aug 19, 2005 | Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file. | |||
| CVE-2005-2501 | 0.00 | — | 0.04 | Aug 19, 2005 | Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file. | |||
| CVE-2005-2519 | 0.00 | — | 0.00 | Aug 19, 2005 | slpd in Directory Services in Mac OS X 10.3.9 creates insecure temporary files as root, which allows local users to gain privileges. | |||
| CVE-2005-2512 | 0.00 | — | 0.00 | Aug 19, 2005 | Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak. | |||
| CVE-2005-2517 | 0.00 | — | 0.01 | Aug 19, 2005 | Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site. | |||
| CVE-2005-2521 | 0.00 | — | 0.00 | Aug 19, 2005 | Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors. | |||
| CVE-2005-2505 | 0.00 | — | 0.02 | Aug 19, 2005 | Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation. | |||
| CVE-2005-2507 | 0.00 | — | 0.06 | Aug 19, 2005 | Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | |||
| CVE-2005-2510 | 0.00 | — | 0.00 | Aug 19, 2005 | The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less… | |||
| CVE-2005-2518 | 0.00 | — | 0.05 | Aug 19, 2005 | Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | |||
| CVE-2005-2509 | 0.00 | — | 0.00 | Aug 19, 2005 | Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts. | |||
| CVE-2005-2511 | 0.00 | — | 0.02 | Aug 19, 2005 | Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. | |||
| CVE-2005-2513 | 0.00 | — | 0.01 | Aug 19, 2005 | Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields. | |||
| CVE-2005-2502 | 0.00 | — | 0.03 | Aug 19, 2005 | Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file. | |||
| CVE-2005-2525 | 0.00 | — | 0.02 | Aug 19, 2005 | CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). |
- CVE-2005-2746Oct 26, 2005risk 0.00cvss —epss 0.01
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
- CVE-2005-2748Oct 25, 2005risk 0.00cvss —epss 0.00
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.
- CVE-2005-2744Oct 25, 2005risk 0.00cvss —epss 0.04
Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file.
- CVE-2005-2747Oct 25, 2005risk 0.00cvss —epss 0.05
Buffer overflow in ImageIO for Apple Mac OS X 10.4.2, as used by applications such as WebCore and Safari, allows remote attackers to execute arbitrary code via a crafted GIF file.
- CVE-2005-2514Aug 19, 2005risk 0.00cvss —epss 0.03
Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.
- CVE-2005-2522Aug 19, 2005risk 0.00cvss —epss 0.04
Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.
- CVE-2005-2501Aug 19, 2005risk 0.00cvss —epss 0.04
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.
- CVE-2005-2519Aug 19, 2005risk 0.00cvss —epss 0.00
slpd in Directory Services in Mac OS X 10.3.9 creates insecure temporary files as root, which allows local users to gain privileges.
- CVE-2005-2512Aug 19, 2005risk 0.00cvss —epss 0.00
Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.
- CVE-2005-2517Aug 19, 2005risk 0.00cvss —epss 0.01
Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.
- CVE-2005-2521Aug 19, 2005risk 0.00cvss —epss 0.00
Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors.
- CVE-2005-2505Aug 19, 2005risk 0.00cvss —epss 0.02
Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation.
- CVE-2005-2507Aug 19, 2005risk 0.00cvss —epss 0.06
Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
- CVE-2005-2510Aug 19, 2005risk 0.00cvss —epss 0.00
The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less…
- CVE-2005-2518Aug 19, 2005risk 0.00cvss —epss 0.05
Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
- CVE-2005-2509Aug 19, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
- CVE-2005-2511Aug 19, 2005risk 0.00cvss —epss 0.02
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window.
- CVE-2005-2513Aug 19, 2005risk 0.00cvss —epss 0.01
Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields.
- CVE-2005-2502Aug 19, 2005risk 0.00cvss —epss 0.03
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
- CVE-2005-2525Aug 19, 2005risk 0.00cvss —epss 0.02
CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).
Page 98 of 105