Page 42 of 215 results (0.013 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://www.kb.cert.org/vuls/id/331694 http://www.us-cert.gov/cas/techalerts/TA05-136A.html •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://remahl.se/david/vuln/004 •

CVSS: 5.1EPSS: 0%CPEs: 21EXPL: 1

Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://remahl.se/david/vuln/012 http://secunia.com/advisories/15227 http://securitytracker.com/id?1013882 http://www.kb.cert.org/vuls/id/994510 http://www.osvdb.org/16083 http://www.securityfocus.com/bid/13480 http://www.vupen.com/english/advisories/2005/0455 •