| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-0984 |
119 |
|
DoS Exec Code Overflow |
2013-06-05 |
2013-06-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message. |
|
2 |
CVE-2012-3723 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-09-20 |
2017-08-29 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device. |
|
3 |
CVE-2012-3722 |
399 |
|
DoS Exec Code |
2012-09-20 |
2017-08-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. |
|
4 |
CVE-2012-3719 |
20 |
|
Exec Code |
2012-09-20 |
2017-08-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows remote attackers to execute arbitrary plugin code via an e-mail message that triggers the loading of a third-party plugin. |
|
5 |
CVE-2012-3718 |
200 |
|
+Info |
2012-09-20 |
2013-06-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes. |
|
6 |
CVE-2012-0675 |
287 |
|
|
2012-05-11 |
2012-05-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume. |
|
7 |
CVE-2012-0662 |
189 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-11 |
2012-05-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input. |
|
8 |
CVE-2012-0660 |
119 |
|
DoS Exec Code Overflow |
2012-05-11 |
2012-05-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. |
|
9 |
CVE-2012-0659 |
189 |
|
DoS Exec Code Overflow |
2012-05-11 |
2012-05-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. |
|
10 |
CVE-2012-0658 |
119 |
|
DoS Exec Code Overflow |
2012-05-11 |
2012-05-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. |
|
11 |
CVE-2012-0657 |
264 |
|
Bypass |
2012-05-11 |
2012-05-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors. |
|
12 |
CVE-2012-0655 |
310 |
|
|
2012-05-11 |
2017-12-05 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site that uses a short key. |
|
13 |
CVE-2012-0654 |
119 |
|
DoS Exec Code Overflow |
2012-05-11 |
2017-12-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate. |
|
14 |
CVE-2012-0650 |
119 |
|
DoS Exec Code Overflow |
2012-09-20 |
2012-09-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. |
|
15 |
CVE-2012-0649 |
362 |
|
+Priv |
2012-05-11 |
2017-12-05 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file. |
|
16 |
CVE-2011-3228 |
94 |
|
DoS Exec Code Mem. Corr. |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file. |
|
17 |
CVE-2011-3227 |
20 |
|
DoS Exec Code |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) a crafted (1) web site or (2) e-mail message. |
|
18 |
CVE-2011-3224 |
|
|
Exec Code |
2011-10-14 |
2012-01-14 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server. |
|
19 |
CVE-2011-3223 |
119 |
|
DoS Exec Code Overflow |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file. |
|
20 |
CVE-2011-3222 |
119 |
|
DoS Exec Code Overflow |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. |
|
21 |
CVE-2011-3221 |
94 |
|
DoS Exec Code |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. |
|
22 |
CVE-2011-3220 |
200 |
|
+Info |
2011-10-14 |
2012-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. |
|
23 |
CVE-2011-3218 |
79 |
|
XSS |
2011-10-14 |
2012-01-14 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document. |
|
24 |
CVE-2011-3217 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image. |
|
25 |
CVE-2011-3216 |
264 |
|
Bypass |
2011-10-14 |
2012-01-14 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call. |
|
26 |
CVE-2011-3215 |
264 |
|
Bypass |
2011-10-14 |
2012-01-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state. |
|
27 |
CVE-2011-3214 |
264 |
|
Bypass |
2011-10-14 |
2012-01-14 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors. |
|
28 |
CVE-2011-3213 |
264 |
|
|
2011-10-14 |
2012-01-14 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection. |
|
29 |
CVE-2011-0231 |
200 |
|
+Info |
2011-10-14 |
2012-01-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue." |
|
30 |
CVE-2011-0230 |
119 |
|
DoS Exec Code Overflow |
2011-10-14 |
2012-01-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. |
|
31 |
CVE-2011-0229 |
119 |
|
Exec Code Overflow |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access. |
|
32 |
CVE-2011-0224 |
94 |
|
DoS Exec Code Mem. Corr. |
2011-10-14 |
2012-01-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file. |
|
33 |
CVE-2009-2835 |
20 |
|
DoS +Priv +Info |
2009-11-10 |
2009-11-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors. |
|
34 |
CVE-2009-2834 |
264 |
|
|
2009-11-10 |
2009-11-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
Complete |
None |
|
IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors. |
|
35 |
CVE-2009-2832 |
119 |
|
DoS Exec Code Overflow |
2009-11-10 |
2009-11-17 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a CWD command specifying a pathname in a deeply nested hierarchy of directories, related to a "CWD command line tool." |
|
36 |
CVE-2009-2825 |
310 |
|
|
2009-11-10 |
2009-11-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. |
|
37 |
CVE-2009-2823 |
79 |
|
XSS |
2009-11-10 |
2009-11-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software. |
|
38 |
CVE-2009-2820 |
79 |
|
XSS Http R.Spl. |
2009-11-10 |
2017-09-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues. |
|
39 |
CVE-2009-2818 |
264 |
|
|
2009-11-10 |
2009-11-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack). |
|
40 |
CVE-2009-2808 |
310 |
|
Exec Code |
2009-11-10 |
2009-11-17 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response. |
|
41 |
CVE-2009-1238 |
362 |
|
DoS Mem. Corr. |
2009-04-02 |
2017-09-29 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable. |
|
42 |
CVE-2009-1237 |
399 |
|
DoS |
2009-04-02 |
2017-09-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call. |
|
43 |
CVE-2009-1236 |
119 |
|
DoS Overflow |
2009-04-02 |
2017-09-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member. |
|
44 |
CVE-2009-1235 |
264 |
|
+Priv |
2009-04-02 |
2017-09-29 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls. |
|
45 |
CVE-2007-1863 |
|
|
DoS |
2007-06-27 |
2021-06-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value. |
|
46 |
CVE-2007-0729 |
264 |
|
+Priv |
2007-04-24 |
2011-03-08 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. |
|
47 |
CVE-2006-4866 |
|
|
Exec Code Overflow |
2006-09-19 |
2008-09-05 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. |
|
48 |
CVE-2006-1220 |
|
|
Exec Code Overflow |
2006-03-14 |
2013-09-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow. |
|
49 |
CVE-2005-4504 |
|
|
DoS |
2005-12-22 |
2017-07-20 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. |
|
50 |
CVE-2005-2739 |
|
|
|
2005-11-01 |
2017-07-11 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. |
