Mac Os X

mac_os_x

Vendor: Apple • 3,210 CVEs

CVEs (3,210)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2003-0198 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 5, 2003 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.
CVE-2003-0171 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 May 5, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a...Show more DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.Show less
CVE-2003-0088 1Apple 1Mac Os X Apr 16, 2026 Mar 3, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information.
CVE-2003-0049 1Apple 2Mac Os X Mac Os X Server Apr 16, 2026 Mar 3, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password.
CVE-2002-2326 1Apple 1Mac Os X Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain p...Show more The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.Show less
CVE-2002-1383 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image...Show more Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun.Show less
CVE-2002-1372 2Apple Debian 3Cups Debian LinuxMac Os X Apr 16, 2026 Dec 26, 2002 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaust...Show more Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.Show less
CVE-2002-1371 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as d...Show more filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.Show less
CVE-2002-1369 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 10.0 HIGH· v2 jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer...Show more jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.Show less
CVE-2002-1368 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HT...Show more Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding.Show less
CVE-2002-1367 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 10.0 HIGH· v2 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing...Show more Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke.Show less
CVE-2002-1366 2Apple Easy Software Products 2Cups Mac Os X Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 6.2 MEDIUM· v2 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.
CVE-2002-1347 2Apple Cyrusimap 3Cyrus Sasl Mac Os XMac Os X Server Apr 16, 2026 Dec 18, 2002 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) charact...Show more Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.Show less
CVE-2002-1270 1Apple 1Mac Os X Apr 16, 2026 Dec 11, 2002 N/A· v4 N/A· v3 2.1 LOW· v2 Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call.
CVE-2002-1269 1Apple 1Mac Os X Apr 16, 2026 Dec 11, 2002 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem.
CVE-2002-1268 1Apple 1Mac Os X Apr 16, 2026 Dec 11, 2002 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege Elevation via Mounting an ISO 9600 CD."
CVE-2002-1267 1Apple 1Mac Os X Apr 16, 2026 Dec 11, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible."
CVE-2002-1266 1Apple 1Mac Os X Apr 16, 2026 Dec 11, 2002 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File."
CVE-2002-1265 3Apple GnuSgi 4Glibc IrixMac Os X+1 more Apr 16, 2026 Nov 12, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
CVE-2002-0666 6Apple FreebsdFrees Wan+3 more 12Bluefire Ix1035 Router FreebsdFrees Wan+9 more Apr 16, 2026 Nov 4, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsu...Show more IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.Show less

Previous 1...157 158 159160161 Next