Filtered by vendor Apple Subscriptions
Filtered by product Mac Os X Subscriptions
Total 5567 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-1339 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
CVE-2005-1338 1 Apple 1 Mac Os X 2024-11-21 N/A
Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.
CVE-2005-1337 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.
CVE-2005-1336 1 Apple 1 Mac Os X 2024-11-21 N/A
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
CVE-2005-1335 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
CVE-2005-1333 1 Apple 1 Mac Os X 2024-11-21 N/A
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
CVE-2005-1332 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.
CVE-2005-1331 1 Apple 3 Applescript, Mac Os X, Mac Os X Server 2024-11-21 N/A
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
CVE-2005-1330 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
CVE-2005-1307 2 Adobe, Apple 2 Version Cue, Mac Os X 2024-11-21 N/A
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
CVE-2005-1260 5 Apple, Bzip, Canonical and 2 more 5 Mac Os X, Bzip2, Ubuntu Linux and 2 more 2024-11-21 N/A
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-2005-1043 7 Apple, Conectiva, Peachtree and 4 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2024-11-21 N/A
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2005-0985 1 Apple 1 Mac Os X 2024-11-21 N/A
Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver.
CVE-2005-0975 2 Apple, Opendarwin 3 Mac Os X, Mac Os X Server, Darwin Kernel 2024-11-21 N/A
Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.
CVE-2005-0974 1 Apple 1 Mac Os X 2024-11-21 N/A
Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
CVE-2005-0973 1 Apple 1 Mac Os X 2024-11-21 N/A
Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.
CVE-2005-0972 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.
CVE-2005-0971 1 Apple 1 Mac Os X 2024-11-21 N/A
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
CVE-2005-0970 1 Apple 1 Mac Os X 2024-11-21 N/A
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.
CVE-2005-0969 1 Apple 1 Mac Os X 2024-11-21 N/A
Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.