Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs: 3,139
CISA KEV (actively exploited): 26
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192

Vulnerabilities

CVE-2005-0973 | LOW | CVSS 2.1 | v10.0, v10.0.1 +28 more | 2005-05-12
Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.
nvd
CVE-2005-1340 | HIGH | CVSS 7.5 | v10.3.9 | 2005-05-04
The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.
nvd
CVE-2005-1339 | HIGH | CVSS 7.5 | v10.3.9 | 2005-05-04
lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
nvd
CVE-2005-1335 | HIGH | CVSS 7.2 | v10.3.9 | 2005-05-04
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
nvd
CVE-2005-1337 | HIGH | CVSS 7.5 | v10.3.9 | 2005-05-04
Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scripts with less restrictive privileges via a help:// URI.
nvd
CVE-2005-1332 | HIGH | CVSS 7.5 | v10.3.9 | 2005-05-04
Bluetooth-enabled systems in Mac OS X 10.3.9 enable the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.
nvd
CVE-2005-1342 | HIGH | CVSS 7.5 | v10.3, v10.3.1 +8 more | 2005-05-04
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
nvd
CVE-2005-1336 | MEDIUM | CVSS 4.6 | v10.3.9 | 2005-05-04
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
nvd
CVE-2005-1331 | MEDIUM | CVSS 5.1 | v10.3, v10.3.1 +8 more | 2005-05-04
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
nvd
CVE-2005-1341 | MEDIUM | CVSS 5.1 | v10.3, v10.3.1 +8 more | 2005-05-04
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
nvd
CVE-2005-1338 | MEDIUM | CVSS 4.6 | v10.3.9 | 2005-05-04
Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext.
nvd
CVE-2005-1333 | MEDIUM | CVSS 5.0 | PoC | v10.3.9 | 2005-05-04
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
nvd
CVE-2005-1330 | MEDIUM | CWE-20 | CVSS 4.9 | v10.3.9 | 2005-05-04
AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception.
nvd
CVE-2005-1343 | HIGH | CVSS 7.2 | v10.3.9 | 2005-05-03
Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.
nvd
CVE-2005-1430 | LOW | CVSS 3.6 | v10.0, v10.0.1 +28 more | 2005-05-03
Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.
nvd
CVE-2005-0125 | HIGH | CVSS 7.2 | v10.3.4, v10.3.7 | 2005-05-02
The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user.
nvd
CVE-2005-0126 | HIGH | CVSS 7.5 | v10.2.8, v10.3.7 +1 more | 2005-05-02
ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap.
nvd
CVE-2005-0970 | HIGH | CWE-264 | CVSS 7.6 | v10.0, v10.0.1 +28 more | 2005-05-02
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.
nvd
CVE-2005-0712 | MEDIUM | CVSS 4.6 | v10.1, v10.2 +1 more | 2005-05-02
Mac OS X before 10.3.8 uses world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles.
nvd
CVE-2005-0127 | MEDIUM | CVSS 5.0 | v10.3.7 | 2005-05-02
Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine.
nvd