Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File."
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-12-11
Updated
2017-10-10
Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege Elevation via Mounting an ISO 9600 CD."
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-12-11
Updated
2017-10-10
Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-12-11
Updated
2008-09-05
The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow.
Max CVSS
4.6
EPSS Score
0.14%
Published
2003-08-18
Updated
2008-09-10
Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-11-03
Updated
2017-07-11
Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-11-03
Updated
2008-09-05
The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system.
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-11-03
Updated
2008-09-05
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
Max CVSS
4.6
EPSS Score
0.32%
Published
2003-11-03
Updated
2017-07-11
Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access."
Max CVSS
4.6
EPSS Score
0.06%
Published
2003-12-01
Updated
2017-07-11
Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application.
Max CVSS
4.6
EPSS Score
0.04%
Published
2004-03-29
Updated
2017-07-11
Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable.
Max CVSS
4.6
EPSS Score
0.71%
Published
2004-03-03
Updated
2017-10-10
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files."
Max CVSS
4.6
EPSS Score
0.06%
Published
2004-08-18
Updated
2017-07-11
Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517.
Max CVSS
4.6
EPSS Score
0.06%
Published
2004-08-18
Updated
2017-07-11
Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516.
Max CVSS
4.6
EPSS Score
0.06%
Published
2004-08-18
Updated
2017-07-11
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users.
Max CVSS
4.6
EPSS Score
0.04%
Published
2004-12-02
Updated
2017-07-11
Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-05-02
Updated
2008-09-10
The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-03-21
Updated
2008-09-05
Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-05-12
Updated
2008-09-05
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-05-12
Updated
2008-09-05
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
Max CVSS
4.9
EPSS Score
0.04%
Published
2005-05-04
Updated
2008-09-05
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-05-04
Updated
2008-09-05
Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-05-04
Updated
2008-09-05
SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.
Max CVSS
4.6
EPSS Score
0.06%
Published
2005-06-13
Updated
2008-09-05
The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions."
Max CVSS
4.6
EPSS Score
0.06%
Published
2005-12-31
Updated
2017-07-11
MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-06-08
Updated
2008-09-05
277 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!