Filtered by vendor Apple Subscriptions
Filtered by product Mac Os X Subscriptions
Total 5567 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-0877 1 Apple 1 Mac Os X 2024-11-21 N/A
Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory.
CVE-2003-0876 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.
CVE-2003-0871 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."
CVE-2003-0804 3 Apple, Freebsd, Openbsd 4 Mac Os X, Mac Os X Server, Freebsd and 1 more 2024-11-21 N/A
The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.
CVE-2003-0694 12 Apple, Compaq, Freebsd and 9 more 20 Mac Os X, Mac Os X Server, Tru64 and 17 more 2024-11-21 N/A
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
CVE-2003-0681 9 Apple, Gentoo, Hp and 6 more 15 Mac Os X, Mac Os X Server, Linux and 12 more 2024-11-21 N/A
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
CVE-2003-0518 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow.
CVE-2003-0466 7 Apple, Freebsd, Netbsd and 4 more 10 Mac Os X, Mac Os X Server, Freebsd and 7 more 2024-11-21 9.8 Critical
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVE-2003-0378 1 Apple 1 Mac Os X 2024-11-21 N/A
The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set.
CVE-2003-0242 1 Apple 1 Mac Os X 2024-11-21 N/A
IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies.
CVE-2003-0201 7 Apple, Compaq, Hp and 4 more 10 Mac Os X, Tru64, Cifs-9000 Server and 7 more 2024-11-21 N/A
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CVE-2003-0198 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.
CVE-2003-0171 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.
CVE-2003-0088 1 Apple 1 Mac Os X 2024-11-21 N/A
TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information.
CVE-2003-0049 1 Apple 2 Mac Os X, Mac Os X Server 2024-11-21 N/A
Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password.
CVE-2002-2326 1 Apple 1 Mac Os X 2024-11-21 N/A
The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
CVE-2002-1898 1 Apple 2 Mac Os X, Terminal 2024-11-21 N/A
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
CVE-2002-1383 3 Apple, Easy Software Products, Redhat 3 Mac Os X, Cups, Linux 2024-11-21 N/A
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun.
CVE-2002-1372 3 Apple, Debian, Redhat 4 Cups, Mac Os X, Debian Linux and 1 more 2024-11-21 7.5 High
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
CVE-2002-1371 3 Apple, Easy Software Products, Redhat 3 Mac Os X, Cups, Linux 2024-11-21 N/A
filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.