Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2004-0687 | 7.5 |
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
|
20-01-2023 - 19:15 | 20-10-2004 - 04:00 | |
CVE-2004-1307 | 7.5 |
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be a
|
30-10-2018 - 16:26 | 21-12-2004 - 05:00 | |
CVE-2004-0688 | 7.5 |
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a
|
19-10-2018 - 15:30 | 20-10-2004 - 04:00 | |
CVE-2004-1308 | 10.0 |
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a h
|
11-10-2017 - 01:29 | 10-01-2005 - 05:00 | |
CVE-2005-0342 | 2.1 |
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
CVE-2004-1051 | 7.2 |
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
|
11-07-2017 - 01:30 | 01-03-2005 - 05:00 | |
CVE-2005-1331 | 5.1 |
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executi
|
08-03-2011 - 02:21 | 04-05-2005 - 04:00 | |
CVE-2005-1341 | 5.1 |
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
|
08-03-2011 - 02:21 | 04-05-2005 - 04:00 | |
CVE-2005-1342 | 7.5 |
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
|
08-03-2011 - 02:21 | 04-05-2005 - 04:00 | |
CVE-2005-1344 | 7.5 |
Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to
|
10-09-2008 - 19:38 | 02-05-2005 - 04:00 | |
CVE-2005-1340 | 7.5 |
The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1343 | 7.2 |
Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.
|
05-09-2008 - 20:48 | 03-05-2005 - 04:00 | |
CVE-2005-1332 | 7.5 |
Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1336 | 4.6 |
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1338 | 4.6 |
Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1337 | 7.5 |
Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1333 | 5.0 |
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1330 | 4.9 |
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1335 | 7.2 |
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-1339 | 7.5 |
lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
|
05-09-2008 - 20:48 | 04-05-2005 - 04:00 | |
CVE-2005-0594 | 7.2 |
Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.
|
05-09-2008 - 20:46 | 04-05-2005 - 04:00 |