Filtered by vendor Apple
Subscribe
Total
11236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0342 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 2.1 LOW | N/A |
| The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. | |||||
| CVE-2005-0341 | 1 Apple | 1 Safari | 2017-07-11 | 4.3 MEDIUM | N/A |
| Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks. | |||||
| CVE-2005-0340 | 1 Apple | 1 Afp Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denial of service (application crash) via a negative UAM string length in a FPLoginExt packet. | |||||
| CVE-2005-0289 | 1 Apple | 2 Airport Express, Airport Extreme | 2017-07-11 | 5.0 MEDIUM | N/A |
| Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs. | |||||
| CVE-2005-0234 | 1 Apple | 1 Safari | 2017-07-11 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Safari 1.2.5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2005-0127 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. | |||||
| CVE-2005-0126 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-11 | 7.5 HIGH | N/A |
| ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. | |||||
| CVE-2005-0043 | 1 Apple | 1 Itunes | 2017-07-11 | 7.5 HIGH | N/A |
| Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files. | |||||
| CVE-2004-1832 | 1 Apple | 1 Mac Os X Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660. | |||||
| CVE-2004-1314 | 1 Apple | 1 Safari | 2017-07-11 | 7.5 HIGH | N/A |
| Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122. | |||||
| CVE-2004-1199 | 1 Apple | 1 Safari | 2017-07-11 | 5.0 MEDIUM | N/A |
| Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | |||||
| CVE-2004-1123 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. | |||||
| CVE-2004-1121 | 1 Apple | 1 Safari | 2017-07-11 | 5.0 MEDIUM | N/A |
| Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags. | |||||
| CVE-2004-1089 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. | |||||
| CVE-2004-1088 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 7.5 HIGH | N/A |
| Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. | |||||
| CVE-2004-1087 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 2.1 LOW | N/A |
| Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. | |||||
| CVE-2004-1086 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 7.5 HIGH | N/A |
| Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file. | |||||
| CVE-2004-1085 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 2.1 LOW | N/A |
| Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. | |||||
| CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | |||||
| CVE-2004-1081 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2017-07-11 | 2.1 LOW | N/A |
| The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | |||||