CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple : Security Vulnerabilities (Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-4444 287 +Priv 2014-10-17 2014-10-23
4.4
None Local Medium Not required Partial Partial Partial
SecurityAgent in Apple OS X before 10.10 does not ensure that a Kerberos ticket is in the cache for the correct user, which allows local users to gain privileges in opportunistic circumstances by leveraging a Fast User Switching login.
2 CVE-2014-4408 119 DoS Overflow +Priv 2014-09-18 2014-10-24
6.9
None Local Medium Not required Complete Complete Complete
The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
3 CVE-2014-4386 362 +Priv 2014-09-18 2014-09-18
1.9
None Local Medium Not required None Partial None
Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access.
4 CVE-2014-4375 DoS +Priv 2014-09-18 2014-10-24
7.2
None Local Low Not required Complete Complete Complete
Double free vulnerability in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (device crash) via vectors related to Mach ports.
5 CVE-2014-1379 DoS +Priv 2014-07-01 2014-07-24
10.0
None Remote Low Not required Complete Complete Complete
Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a 32-bit executable file for a crafted application.
6 CVE-2014-1278 119 DoS Overflow +Priv 2014-03-14 2014-03-14
7.2
None Local Low Not required Complete Complete Complete
The ptmx_get_ioctl function in the ARM kernel in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access and device crash) via a crafted call.
7 CVE-2013-0981 +Priv 2013-03-20 2013-03-21
7.2
None Local Low Not required Complete Complete Complete
The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code.
8 CVE-2012-3728 264 +Priv 2012-09-20 2013-03-22
6.9
None Local Medium Not required Complete Complete Complete
The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls.
9 CVE-2012-0649 362 +Priv 2012-05-10 2012-06-20
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file.
10 CVE-2011-3463 287 +Priv 2012-02-02 2012-02-03
7.2
None Local Low Not required Complete Complete Complete
WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory.
11 CVE-2011-0227 264 +Priv 2011-07-19 2011-07-26
7.2
None Local Low Not required Complete Complete Complete
The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do not properly perform type conversion, which allows local users to gain privileges via a crafted application.
12 CVE-2011-0185 134 +Priv 2011-10-14 2012-01-13
4.4
None Local Medium Not required Partial Partial Partial
Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file.
13 CVE-2011-0182 20 +Priv 2011-03-22 2012-02-13
7.2
None Local Low Not required Complete Complete Complete
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.
14 CVE-2010-3830 264 +Priv 2010-11-26 2010-12-10
7.2
None Local Low Not required Complete Complete Complete
Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.
15 CVE-2010-2973 264 1 Overflow +Priv 2010-08-05 2010-08-18
6.9
Admin Local Medium Not required Complete Complete Complete
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
16 CVE-2010-1805 264 +Priv 2010-09-10 2011-07-18
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.
17 CVE-2010-1795 +Priv 2010-08-20 2011-07-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.
18 CVE-2010-1768 +Priv 2010-08-20 2011-07-18
6.9
Admin Local Medium Not required Complete Complete Complete
Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.
19 CVE-2010-1375 287 +Priv 2010-06-17 2010-06-18
7.2
None Local Low Not required Complete Complete Complete
NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors.
20 CVE-2010-0532 362 +Priv 2010-03-31 2010-08-24
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.
21 CVE-2010-0509 264 +Priv 2010-03-30 2010-03-31
7.2
None Local Low Not required Complete Complete Complete
SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accounts.
22 CVE-2010-0498 287 +Priv 2010-03-30 2010-03-31
7.2
None Local Low Not required Complete Complete Complete
Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors.
23 CVE-2010-0393 264 +Priv 2010-03-05 2013-05-14
6.9
Admin Local Medium Not required Complete Complete Complete
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.
24 CVE-2009-2835 20 DoS +Priv +Info 2009-11-10 2009-11-17
4.6
None Local Low Not required Partial Partial Partial
The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors.
25 CVE-2009-2807 119 Overflow +Priv 2009-09-14 2012-10-22
7.2
Admin Local Low Not required Complete Complete Complete
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.
26 CVE-2009-2027 264 +Priv 2009-06-10 2009-07-15
7.2
Admin Local Low Not required Complete Complete Complete
The Installer in Apple Safari before 4.0 on Windows allows local users to gain privileges by checking a box that specifies an immediate launch of the application after installation, related to an unspecified compression method.
27 CVE-2009-1712 94 Exec Code +Priv +Info 2009-06-10 2011-02-17
9.3
Admin Remote Medium Not required Complete Complete Complete
WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element.
28 CVE-2009-1235 264 1 +Priv 2009-04-02 2009-08-13
7.2
None Local Low Not required Complete Complete Complete
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
29 CVE-2009-0150 119 DoS Overflow +Priv 2009-05-13 2009-05-16
4.4
User Local Medium Not required Partial Partial Partial
Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image.
30 CVE-2009-0149 94 DoS +Priv Mem. Corr. 2009-05-13 2009-05-16
4.4
User Local Medium Not required Partial Partial Partial
Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption.
31 CVE-2009-0013 255 +Priv 2009-02-12 2009-02-21
2.1
None Local Low Not required Partial None None
dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information.
32 CVE-2008-4218 189 Overflow +Priv 2008-12-16 2009-08-20
7.2
Admin Local Low Not required Complete Complete Complete
Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt.
33 CVE-2008-3636 189 Overflow +Priv 2008-09-10 2013-08-06
7.2
None Local Low Not required Complete Complete Complete
Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server 2003, and Vista allows context-dependent attackers to gain privileges. NOTE: this issue was originally reported for GEARAspiWDM.sys 2.0.7.5 in Gear Software CD DVD Filter driver before 4.001.7, as used in other products including Apple iTunes and multiple Symantec and Norton products, which allows local users to gain privileges via repeated IoAttachDevice IOCTL calls to \\.\GEARAspiWDMDevice in this GEARAspiWDM.sys. However, the root cause is the integer overflow in the API call itself.
34 CVE-2008-2830 264 +Priv 2008-06-23 2008-11-19
7.2
Admin Local Low Not required Complete Complete Complete
Open Scripting Architecture in Apple Mac OS X 10.4.11 and 10.5.4, and some other 10.4 and 10.5 versions, does not properly restrict the loading of scripting addition plugins, which allows local users to gain privileges via scripting addition commands to a privileged application, as originally demonstrated by an osascript tell command to ARDAgent.
35 CVE-2008-2324 264 +Priv 2008-08-03 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs.
36 CVE-2008-2313 264 +Priv 2008-07-01 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Apple Mac OS X before 10.5 uses weak permissions for the User Template directory, which allows local users to gain privileges by inserting a Trojan horse file into this directory.
37 CVE-2008-2308 264 DoS +Priv Mem. Corr. 2008-07-01 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information.
38 CVE-2008-1517 20 DoS +Priv 2009-05-13 2009-05-23
7.2
Admin Local Low Not required Complete Complete Complete
Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (system shutdown) via unspecified vectors related to workqueues.
39 CVE-2008-0055 362 DoS +Priv 2008-03-18 2008-10-11
7.2
Admin Local Low Not required Complete Complete Complete
Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges.
40 CVE-2007-4686 189 DoS +Priv 2007-11-14 2011-06-20
7.2
None Local Low Not required Complete Complete Complete
Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request.
41 CVE-2007-4685 264 +Priv 2007-11-14 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."
42 CVE-2007-3751 Exec Code +Priv 2007-11-07 2008-11-15
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.
43 CVE-2007-0752 +Priv Bypass 2007-05-24 2013-07-06
7.2
Admin Local Low Not required Complete Complete Complete
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
44 CVE-2007-0747 +Priv 2007-04-24 2013-07-03
7.2
Admin Local Low Not required Complete Complete Complete
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.
45 CVE-2007-0744 +Priv 2007-04-24 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.
46 CVE-2007-0737 +Priv 2007-04-24 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors.
47 CVE-2007-0732 +Priv 2007-04-24 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port."
48 CVE-2007-0729 264 +Priv 2007-04-24 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.
49 CVE-2007-0724 +Priv 2007-03-13 2008-09-05
6.9
Admin Local Medium Not required Complete Complete Complete
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
50 CVE-2007-0723 +Priv 2007-03-13 2008-09-05
8.5
Admin Remote Medium Single system Complete Complete Complete
Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.
Total number of vulnerabilities : 88   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.