CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Mac Os X : Security Vulnerabilities (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
951 CVE-2005-0975 DoS 2005-05-02 2017-07-10
2.1
None Local Low Not required None None Partial
Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.
952 CVE-2005-0973 DoS 2005-05-12 2008-09-05
2.1
None Local Low Not required None None Partial
Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.
953 CVE-2005-0969 DoS Exec Code Overflow 2005-05-12 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.
954 CVE-2004-1123 DoS 2005-01-10 2017-07-10
5.0
None Remote Low Not required None None Partial
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.
955 CVE-2004-0886 DoS Overflow Mem. Corr. 2005-01-27 2017-10-10
5.0
None Remote Low Not required None None Partial
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
956 CVE-2004-0744 DoS 2004-11-23 2017-07-10
5.0
None Remote Low Not required None None Partial
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
957 CVE-2004-0112 DoS 2004-11-23 2018-10-30
5.0
None Remote Low Not required None None Partial
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
958 CVE-2004-0081 DoS 2004-11-23 2018-10-30
5.0
None Remote Low Not required None None Partial
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
959 CVE-2004-0079 DoS 2004-11-23 2018-10-30
5.0
None Remote Low Not required None None Partial
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
960 CVE-2003-1005 DoS 2003-12-31 2008-09-10
5.0
None Remote Low Not required None None Partial
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.
961 CVE-2003-0895 DoS Exec Code Overflow 2003-11-03 2017-07-10
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
962 CVE-2003-0804 DoS 2003-11-17 2008-09-10
5.0
None Remote Low Not required None None Partial
The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.
963 CVE-2002-1372 DoS 2002-12-26 2017-10-09
5.0
None Remote Low Not required None None Partial
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
964 CVE-2002-1368 DoS Exec Code 2002-12-26 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding.
965 CVE-2002-1267 DoS 2002-12-11 2017-10-09
5.0
None Remote Low Not required None None Partial
Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible."
966 CVE-2002-1265 DoS 2002-11-12 2017-10-09
5.0
None Remote Low Not required None None Partial
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
967 CVE-2002-0666 DoS 2002-11-04 2008-09-10
5.0
None Remote Low Not required None None Partial
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
968 CVE-2002-0659 DoS 2002-08-12 2008-09-10
5.0
None Remote Low Not required None None Partial
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
969 CVE-2002-0655 DoS Exec Code 2002-08-12 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
970 CVE-1999-1412 DoS 1999-06-03 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
Total number of vulnerabilities : 970   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.