Page 33 of 220 results (0.022 seconds)

CVSS: 5.1EPSS: 1%CPEs: 21EXPL: 1

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://remahl.se/david/vuln/010 http://secunia.com/advisories/15227 http://www.securityfocus.com/bid/13480 http://www.vupen.com/english/advisories/2005/0455 •

CVSS: 5.1EPSS: 0%CPEs: 21EXPL: 1

Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://remahl.se/david/vuln/012 http://secunia.com/advisories/15227 http://securitytracker.com/id?1013882 http://www.kb.cert.org/vuls/id/994510 http://www.osvdb.org/16083 http://www.securityfocus.com/bid/13480 http://www.vupen.com/english/advisories/2005/0455 •

CVSS: 3.6EPSS: 0%CPEs: 56EXPL: 1

Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. • http://www.security-focus.com/archive/1/397306 •

CVSS: 2.1EPSS: 0%CPEs: 16EXPL: 2

Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header. • http://felinemenace.org/advisories/macosx.txt http://lists.apple.com/archives/security-announce/2005/Apr/msg00000.html http://marc.info/?l=bugtraq&m=110616533903671&w=2 http://secunia.com/advisories/13902 http://securitytracker.com/id?1012941 http://securitytracker.com/id?1013735 http://www.ciac.org/ciac/bulletins/p-185.shtml http://www.securityfocus.com/bid/12314 http://www.vupen.com/english/advisories/2005/0041 https://exchange.xforce.ibmcloud.com/vulnerabilities/18979 •

CVSS: 2.1EPSS: 0%CPEs: 17EXPL: 0

AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. • http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html •