Apple : Security Vulnerabilities Published In 2010 (Gain Privilege)

2010 : January February March April May June July August September October November December

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : Cve Number Descending Cve Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results Select Table

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2010-3830	264		+Priv	2010-11-26	2010-12-10	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.
2	CVE-2010-2973	264	1	Overflow +Priv	2010-08-05	2010-08-18	6.9	Admin	Local	Medium	Not required	Complete	Complete	Complete
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
3	CVE-2010-1805	264		+Priv	2010-09-10	2011-07-18	6.9	None	Local	Medium	Not required	Complete	Complete	Complete
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.
4	CVE-2010-1795			+Priv	2010-08-20	2011-07-18	9.3	Admin	Remote	Medium	Not required	Complete	Complete	Complete
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.
5	CVE-2010-1768			+Priv	2010-08-20	2011-07-18	6.9	Admin	Local	Medium	Not required	Complete	Complete	Complete
Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.
6	CVE-2010-1375	287		+Priv	2010-06-17	2010-06-18	7.2	None	Local	Low	Not required	Complete	Complete	Complete
NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors.
7	CVE-2010-0532	362		+Priv	2010-03-31	2010-08-24	6.9	None	Local	Medium	Not required	Complete	Complete	Complete
Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.
8	CVE-2010-0509	264		+Priv	2010-03-30	2010-03-31	7.2	None	Local	Low	Not required	Complete	Complete	Complete
SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accounts.
9	CVE-2010-0498	287		+Priv	2010-03-30	2010-03-31	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors.
10	CVE-2010-0393	264		+Priv	2010-03-05	2013-05-14	6.9	Admin	Local	Medium	Not required	Complete	Complete	Complete
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

Total number of vulnerabilities : 10 Page : 1 (This Page)