Total
5524 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1089 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. | |||||
CVE-2004-0429 | 1 Apple | 1 Mac Os X | 2017-07-10 | 10.0 HIGH | N/A |
Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. | |||||
CVE-2004-0430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | |||||
CVE-2004-0485 | 1 Apple | 1 Mac Os X | 2017-07-10 | 5.0 MEDIUM | N/A |
The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume. | |||||
CVE-2004-0486 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.6 HIGH | N/A |
HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. | |||||
CVE-2004-0489 | 1 Apple | 1 Mac Os X | 2017-07-10 | 7.6 HIGH | N/A |
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option. | |||||
CVE-2004-0513 | 1 Apple | 1 Mac Os X | 2017-07-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." | |||||
CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.2 HIGH | N/A |
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
CVE-2004-0517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. | |||||
CVE-2004-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.5 HIGH | N/A |
Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. | |||||
CVE-2004-0743 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.0 MEDIUM | N/A |
Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak. | |||||
CVE-2004-0744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.0 MEDIUM | N/A |
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | |||||
CVE-2004-0821 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.2 HIGH | N/A |
The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. | |||||
CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.2 HIGH | N/A |
Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | |||||
CVE-2004-0824 | 1 Apple | 1 Mac Os X | 2017-07-10 | 2.1 LOW | N/A |
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. | |||||
CVE-2004-1123 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-10 | 5.0 MEDIUM | N/A |
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. | |||||
CVE-2003-0913 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 4.6 MEDIUM | N/A |
Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access." | |||||
CVE-2003-1006 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.2 HIGH | N/A |
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | |||||
CVE-2003-1007 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.0 MEDIUM | N/A |
AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. | |||||
CVE-2001-1446 | 1 Apple | 1 Mac Os X | 2017-07-10 | 7.5 HIGH | N/A |
Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories. |