CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 2CVE-2005-0716 – Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0716
21 Mar 2005 — Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. • https://www.exploit-db.com/exploits/2111 •
CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 2CVE-2005-0342 – Apple Mac OSX - '.DS_Store' Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2005-0342
10 Feb 2005 — The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. • https://www.exploit-db.com/exploits/793 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-0125
https://notcve.org/view.php?id=CVE-2005-0125
29 Jan 2005 — The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. • http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2005-0126
https://notcve.org/view.php?id=CVE-2005-0126
29 Jan 2005 — ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. • http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2004-0824 – Apple Mac OSX - Panther Internet Connect Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0824
31 Dec 2004 — PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. • https://www.exploit-db.com/exploits/367 •
CVSS: 8.8EPSS: 8%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
21 Dec 2004 — Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 35EXPL: 1CVE-2004-1123
https://notcve.org/view.php?id=CVE-2004-1123
05 Dec 2004 — Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. • http://www.idefense.com/application/poi/display?id=159&type=vulnerabilities •
CVSS: 7.5EPSS: 1%CPEs: 35EXPL: 0CVE-2004-1083
https://notcve.org/view.php?id=CVE-2004-1083
03 Dec 2004 — Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html • CWE-178: Improper Handling of Case Sensitivity •
CVSS: 7.5EPSS: 0%CPEs: 35EXPL: 0CVE-2004-1084
https://notcve.org/view.php?id=CVE-2004-1084
02 Dec 2004 — Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html •
CVSS: 7.8EPSS: 2%CPEs: 35EXPL: 0CVE-2004-1086
https://notcve.org/view.php?id=CVE-2004-1086
02 Dec 2004 — Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html •