CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Mac Os X » 10.2.5 : Security Vulnerabilities (Overflow)

Cpe Name:cpe:/o:apple:mac_os_x:10.2.5
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-0984 119 DoS Exec Code Overflow 2013-06-05 2013-06-05
9.3
 None Remote Medium Not required Complete Complete Complete
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
2 CVE-2012-3723 119 DoS Exec Code Overflow Mem. Corr. 2012-09-20 2013-03-22
4.6
 None Local Low Not required Partial Partial Partial
Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device.
3 CVE-2012-0662 189 DoS Exec Code Overflow Mem. Corr. 2012-05-10 2012-05-29
7.5
 None Remote Low Not required Partial Partial Partial
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
4 CVE-2012-0660 119 DoS Exec Code Overflow 2012-05-10 2012-05-29
6.8
 None Remote Medium Not required Partial Partial Partial
Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
5 CVE-2012-0659 189 DoS Exec Code Overflow 2012-05-10 2012-05-29
6.8
 None Remote Medium Not required Partial Partial Partial
Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
6 CVE-2012-0658 119 DoS Exec Code Overflow 2012-05-10 2012-05-29
6.8
 None Remote Medium Not required Partial Partial Partial
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded.
7 CVE-2012-0654 119 DoS Exec Code Overflow 2012-05-10 2012-05-29
6.8
 None Remote Medium Not required Partial Partial Partial
libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate.
8 CVE-2012-0650 119 DoS Exec Code Overflow 2012-09-20 2012-09-21
7.5
 None Remote Low Not required Partial Partial Partial
Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
9 CVE-2011-3223 119 DoS Exec Code Overflow 2011-10-14 2012-01-13
6.8
 None Remote Medium Not required Partial Partial Partial
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file.
10 CVE-2011-3222 119 DoS Exec Code Overflow 2011-10-14 2012-01-13
6.8
 None Remote Medium Not required Partial Partial Partial
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
11 CVE-2011-3217 119 DoS Exec Code Overflow Mem. Corr. 2011-10-14 2012-01-13
6.8
 None Remote Medium Not required Partial Partial Partial
MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image.
12 CVE-2011-0230 119 DoS Exec Code Overflow 2011-10-14 2012-01-13
7.5
 None Remote Low Not required Partial Partial Partial
Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
13 CVE-2011-0229 119 Exec Code Overflow 2011-10-14 2012-01-13
6.8
 None Remote Medium Not required Partial Partial Partial
Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.
14 CVE-2009-1236 119 1 DoS Overflow 2009-04-02 2009-04-18
10.0
 None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
15 CVE-2006-6652 Exec Code Overflow 2006-12-19 2008-09-05
9.0
 Admin Remote Low Single system Complete Complete Complete
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
16 CVE-2006-4866 Exec Code Overflow 2006-09-19 2008-09-05
4.6
 User Local Low Not required Partial Partial Partial
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
17 CVE-2006-1220 Exec Code Overflow 2006-03-13 2008-09-05
4.6
 User Local Low Not required Partial Partial Partial
Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow.
18 CVE-2005-0972 Exec Code Overflow 2005-05-12 2008-09-05
7.2
 Admin Local Low Not required Complete Complete Complete
Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.
19 CVE-2005-0971 Overflow +Priv 2005-05-12 2008-09-05
4.6
 User Local Low Not required Partial Partial Partial
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
20 CVE-2005-0969 DoS Exec Code Overflow 2005-05-12 2008-09-05
4.6
 User Local Low Not required Partial Partial Partial
Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.
21 CVE-2005-0373 Exec Code Overflow 2004-10-07 2008-09-10
7.5
 User Remote Low Not required Partial Partial Partial
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
22 CVE-2004-1086 Exec Code Overflow 2004-12-02 2008-09-10
7.5
 User Remote Low Not required Partial Partial Partial
Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file.
23 CVE-2004-0926 Exec Code Overflow 2005-01-27 2008-09-05
10.0
 Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
24 CVE-2004-0886 DoS Overflow Mem. Corr. 2005-01-27 2010-08-21
5.0
 None Remote Low Not required None None Partial
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
25 CVE-2004-0803 Exec Code Overflow 2004-12-23 2010-08-21
7.5
 User Remote Low Not required Partial Partial Partial
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
26 CVE-2003-1006 Exec Code Overflow 2004-03-29 2008-09-05
7.2
 Admin Local Low Not required Complete Complete Complete
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.
27 CVE-2003-0895 DoS Exec Code Overflow 2003-11-03 2008-10-24
4.6
 User Local Low Not required Partial Partial Partial
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
28 CVE-2003-0694 Exec Code Overflow 2003-10-06 2008-09-10
10.0
 Admin Remote Low Not required Complete Complete Complete
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
29 CVE-2003-0681 Overflow 2003-10-06 2008-09-10
7.5
 User Remote Low Not required Partial Partial Partial
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
30 CVE-2003-0518 Overflow 2003-08-18 2008-09-10
4.6
 User Local Low Not required Partial Partial Partial
The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow.
Total number of vulnerabilities : 30   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.