VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,445 total · sorted by risk
  • CVE-2005-2504Aug 19, 2005
    risk 0.00cvss epss 0.00

    The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.

  • CVE-2005-2516Aug 19, 2005
    risk 0.00cvss epss 0.05

    Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.

  • CVE-2005-2501Aug 19, 2005
    risk 0.00cvss epss 0.04

    Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.

  • CVE-2005-2196Jul 19, 2005
    risk 0.00cvss epss 0.00

    The Apple AirPort card uses a default WEP key when not connected to a known or trusted network, which can cause it to automatically connect to a malicious network.

  • CVE-2005-2195Jul 18, 2005
    risk 0.00cvss epss 0.02

    Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than…

  • CVE-2005-2272Jul 13, 2005
    risk 0.00cvss epss 0.02

    Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."

  • CVE-2005-1722Jun 16, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions.

  • CVE-2005-1721Jun 16, 2005
    risk 0.00cvss epss 0.02

    Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code.

  • CVE-2005-1720Jun 16, 2005
    risk 0.00cvss epss 0.00

    AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL.

  • CVE-2005-1474Jun 13, 2005
    risk 0.00cvss epss 0.01

    Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933.

  • CVE-2005-1933Jun 13, 2005
    risk 0.00cvss epss 0.02

    Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474.

  • CVE-2005-1473Jun 13, 2005
    risk 0.00cvss epss 0.00

    SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.

  • CVE-2005-1723Jun 8, 2005
    risk 0.00cvss epss 0.01

    LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended…

  • CVE-2005-1724Jun 8, 2005
    risk 0.00cvss epss 0.01

    NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions.

  • CVE-2005-1727Jun 8, 2005
    risk 0.00cvss epss 0.00

    Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions."

  • CVE-2005-1728Jun 8, 2005
    risk 0.00cvss epss 0.00

    MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.

  • CVE-2005-1408May 26, 2005
    risk 0.00cvss epss 0.02

    Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation.

  • CVE-2005-1472May 19, 2005
    risk 0.00cvss epss 0.00

    Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories.

  • CVE-2005-1260May 19, 2005
    risk 0.00cvss epss 0.06

    bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

  • CVE-2005-1248May 16, 2005
    risk 0.00cvss epss 0.05

    Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file.

  • CVE-2005-0969May 12, 2005
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.

  • CVE-2005-0973May 12, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.

  • CVE-2005-0971May 12, 2005
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.

  • CVE-2005-0972May 12, 2005
    risk 0.00cvss epss 0.00

    Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.

  • CVE-2005-0974May 12, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.

  • CVE-2005-1579May 12, 2005
    risk 0.00cvss epss 0.02

    Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker.

  • CVE-2005-1505May 11, 2005
    risk 0.00cvss epss 0.01

    The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has already been sent, which causes the password to be sent in plaintext.

  • CVE-2005-1337May 4, 2005
    risk 0.00cvss epss 0.01

    Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.

  • CVE-2005-1340May 4, 2005
    risk 0.00cvss epss 0.01

    The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.

  • CVE-2005-1335May 4, 2005
    risk 0.00cvss epss 0.01

    Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."

  • CVE-2005-1338May 4, 2005
    risk 0.00cvss epss 0.00

    Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.

  • CVE-2005-1339May 4, 2005
    risk 0.00cvss epss 0.01

    lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.

  • CVE-2005-1332May 4, 2005
    risk 0.00cvss epss 0.02

    Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.

  • CVE-2005-0594May 4, 2005
    risk 0.00cvss epss 0.01

    Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.

  • CVE-2005-1341May 4, 2005
    risk 0.00cvss epss 0.03

    Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.

  • CVE-2005-1342May 4, 2005
    risk 0.00cvss epss 0.05

    The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.

  • CVE-2005-1330May 4, 2005
    risk 0.00cvss epss 0.00

    AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.

  • CVE-2005-1331May 4, 2005
    risk 0.00cvss epss 0.02

    The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain…

  • CVE-2005-1336May 4, 2005
    risk 0.00cvss epss 0.01

    Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.

  • CVE-2005-1430May 3, 2005
    risk 0.00cvss epss 0.00

    Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.

  • CVE-2005-1343May 3, 2005
    risk 0.00cvss epss 0.01

    Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.

  • CVE-2005-1385May 3, 2005
    risk 0.00cvss epss 0.02

    Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.

  • CVE-2005-0289May 2, 2005
    risk 0.00cvss epss 0.02

    Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs.

  • CVE-2005-0126May 2, 2005
    risk 0.00cvss epss 0.03

    ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap.

  • CVE-2005-0125May 2, 2005
    risk 0.00cvss epss 0.00

    The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which…

  • CVE-2005-0976May 2, 2005
    risk 0.00cvss epss 0.02

    AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.

  • CVE-2005-0970May 2, 2005
    risk 0.00cvss epss 0.01

    Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.

  • CVE-2005-0712May 2, 2005
    risk 0.00cvss epss 0.00

    Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles.

  • CVE-2005-0418May 2, 2005
    risk 0.00cvss epss 0.01

    Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.

  • CVE-2005-0975May 2, 2005
    risk 0.00cvss epss 0.01

    Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.

Page 166 of 169