Page 132 of 786 results (0.009 seconds)

CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 2

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. • https://www.exploit-db.com/exploits/1545 http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=400 http://www.osvdb.org/23646 http://www.securityfocus.com/archive/1/426535/100/0/threaded http://www.securityfocus.com/bid/16907 http://www.securityfocus.com/bid/16910 http://www.us-cert.gov/cas/techa •

CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 1

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=400 http://www.osvdb.org/23647 http://www.securityfocus.com/archive/1/426535/100/0/threaded http://www.securityfocus.com/bid/16907 http://www.securityfocus.com/bid/16910 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com& • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 1

Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. • http://www.osvdb.org/20776 •

CVSS: 6.4EPSS: 1%CPEs: 12EXPL: 0

Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.osvdb.org/23644 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25026 •

CVSS: 7.8EPSS: 11%CPEs: 75EXPL: 3

The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. • https://www.exploit-db.com/exploits/26971 http://docs.info.apple.com/article.html?artnum=303382 http://docs.info.apple.com/jarticle.html?artnum=303382-en http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/18220 http://secunia.com/advisories/19064 http://security-protocols.com/advisory/sp-x22-advisory.txt http://www.kb.cert.org/vuls/id/351217 http://www.securityfocus.com/bid/16045 http://www.securityfocus.com/bid/16907 •