Page 561 of 2935 results (0.014 seconds)

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://remahl.se/david/vuln/004 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •

CVSS: 5.1EPSS: 0%CPEs: 21EXPL: 1

Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://remahl.se/david/vuln/012 http://secunia.com/advisories/15227 http://securitytracker.com/id?1013882 http://www.kb.cert.org/vuls/id/994510 http://www.osvdb.org/16083 http://www.securityfocus.com/bid/13480 http://www.vupen.com/english/advisories/2005/0455 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. • http://docs.info.apple.com/article.html?artnum=301381 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://www.digitalmunition.com/DMA%5B2005-0502a%5D.txt http://www.kb.cert.org/vuls/id/258390 http://www.us-cert.gov/cas/techalerts/TA05-136A.html •