Apple: >> Mac Os X Server >> 5.0.14 Security Vulnerabilities
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.004
Published
2016-03-24
Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2016-03-24
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-03-24
The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-03-24
The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2015-10-23
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
CVSS Score
9.3
EPSS Score
0.099
Published
2013-06-05
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
CVSS Score
6.8
EPSS Score
0.021
Published
2012-09-20
Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device.
CVSS Score
4.6
EPSS Score
0.001
Published
2012-09-20
Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.014
Published
2012-09-20
Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.
CVSS Score
2.1
EPSS Score
0.001
Published
2012-09-20
Page 1