The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate.
Max CVSS
5.9
EPSS Score
0.14%
Published
2011-06-24
Updated
2024-02-09
Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet.
Max CVSS
5.8
EPSS Score
4.24%
Published
2007-08-03
Updated
2017-07-29
Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL.
Max CVSS
5.8
EPSS Score
2.45%
Published
2008-03-18
Updated
2017-08-08
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object.
Max CVSS
5.8
EPSS Score
9.48%
Published
2008-03-18
Updated
2017-08-08
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
Max CVSS
5.8
EPSS Score
0.23%
Published
2008-03-18
Updated
2017-08-08
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.
Max CVSS
5.8
EPSS Score
0.43%
Published
2008-03-18
Updated
2017-08-08
Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any contents, and thereby execute arbitrary code, via crafted JavaScript, related to a "design issue."
Max CVSS
5.8
EPSS Score
1.18%
Published
2009-11-10
Updated
2009-11-17
CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address.
Max CVSS
5.8
EPSS Score
0.19%
Published
2010-11-15
Updated
2010-12-10
XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure world-writable permissions, which allows local users to write to the Xterm of another user.
Max CVSS
5.5
EPSS Score
0.04%
Published
2009-02-13
Updated
2024-01-25
Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response.
Max CVSS
5.4
EPSS Score
0.07%
Published
2009-11-10
Updated
2009-11-17
The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions.
Max CVSS
5.3
EPSS Score
0.34%
Published
2016-03-24
Updated
2016-12-20
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request.
Max CVSS
5.3
EPSS Score
0.34%
Published
2016-03-24
Updated
2016-12-20
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
Max CVSS
5.3
EPSS Score
0.34%
Published
2016-03-24
Updated
2016-12-20

CVE-2004-0430

Public exploit
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.
Max CVSS
5.1
EPSS Score
10.57%
Published
2004-07-07
Updated
2017-07-11
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
Max CVSS
5.1
EPSS Score
1.25%
Published
2005-05-04
Updated
2011-03-08
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
Max CVSS
5.1
EPSS Score
0.65%
Published
2005-05-04
Updated
2011-03-08
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
Max CVSS
5.1
EPSS Score
0.49%
Published
2005-08-19
Updated
2008-09-10
Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file.
Max CVSS
5.1
EPSS Score
5.52%
Published
2005-10-25
Updated
2017-07-11
Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image.
Max CVSS
5.1
EPSS Score
0.60%
Published
2006-08-03
Updated
2017-07-20

CVE-2006-0395

Public exploit
The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types.
Max CVSS
5.1
EPSS Score
3.40%
Published
2006-08-05
Updated
2017-07-20
Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment.
Max CVSS
5.1
EPSS Score
45.02%
Published
2006-03-14
Updated
2018-10-19

CVE-2006-0848

Public exploit
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension.
Max CVSS
5.1
EPSS Score
97.47%
Published
2006-02-22
Updated
2017-07-20
Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function.
Max CVSS
5.1
EPSS Score
2.14%
Published
2006-04-21
Updated
2017-07-20
Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.
Max CVSS
5.1
EPSS Score
1.56%
Published
2006-08-02
Updated
2011-04-07
Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image.
Max CVSS
5.1
EPSS Score
1.18%
Published
2006-08-03
Updated
2017-07-20
105 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!