Apple

macOS X Server

655 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.35%
  • Veröffentlicht 04.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:51

AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.

Exploit
  • EPSS 2.33%
  • Veröffentlicht 04.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:51

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executi...

  • EPSS 1.89%
  • Veröffentlicht 04.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:51

Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.

  • EPSS 0.76%
  • Veröffentlicht 04.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:51

Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."

  • EPSS 1.29%
  • Veröffentlicht 04.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:52

Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.

  • EPSS 1.34%
  • Veröffentlicht 04.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:52

lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.

Exploit
  • EPSS 3.08%
  • Veröffentlicht 04.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:52

Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.

  • EPSS 1.03%
  • Veröffentlicht 03.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:52

Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.

Exploit
  • EPSS 0.38%
  • Veröffentlicht 03.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:02

Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.

  • EPSS 0.36%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:33

The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f arg...