Page 139 of 777 results (0.008 seconds)

CVSS: 5.1EPSS: 1%CPEs: 21EXPL: 1

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://remahl.se/david/vuln/010 http://secunia.com/advisories/15227 http://www.securityfocus.com/bid/13480 http://www.vupen.com/english/advisories/2005/0455 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://www.kb.cert.org/vuls/id/354486 http://www.us-cert.gov/cas/techalerts/TA05-136A.html •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://www.kb.cert.org/vuls/id/331694 http://www.us-cert.gov/cas/techalerts/TA05-136A.html •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html • CWE-20: Improper Input Validation •