Apple

macOS X

3207 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2009-0141

  • EPSS 0.05%
  • Published 13.02.2009 00:30:05
  • Last modified 09.04.2025 00:30:58

XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure world-writable permissions, which allows local users to write to the Xterm of another user.

7.2

CVE-2009-0011

  • EPSS 0.03%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file.

10

CVE-2009-0012

  • EPSS 9.33%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.

2.1

CVE-2009-0013

  • EPSS 0.07%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information.

2.1

CVE-2009-0014

  • EPSS 0.07%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder.

4.9

CVE-2009-0015

  • EPSS 0.07%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows local users to obtain sensitive information (filesystem activities and directory names) via unknown vectors related to "credential management."

7.2

CVE-2009-0017

  • EPSS 0.08%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow.

7.8

CVE-2009-0018

  • EPSS 0.55%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory.

7.5

CVE-2009-0019

  • EPSS 0.89%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access.

7.8

CVE-2009-0020

  • EPSS 2.24%
  • Published 13.02.2009 00:30:04
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption.