The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server.
Max CVSS
2.6
EPSS Score
0.27%
Published
2014-10-18
Updated
2017-08-29
Mail in Apple OS X before 10.10 does not properly recognize the removal of a recipient address from a message, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading a message intended exclusively for other recipients.
Max CVSS
4.3
EPSS Score
0.46%
Published
2014-10-18
Updated
2017-08-29
AFP File Server in Apple OS X before 10.10 allows remote attackers to discover the network addresses of all interfaces via an unspecified command to one interface.
Max CVSS
4.3
EPSS Score
0.60%
Published
2014-10-18
Updated
2017-08-29
3 vulnerabilities found