CVE-2003-0518 - Vulnerability Details - OpenCVE

The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Mac Os X Mac Os X Server

Configuration 1 [-]

OR	cpe:2.3:o:apple:mac_os_x:10.2:::::::*
	cpe:2.3:o:apple:mac_os_x:10.2.1:::::::*
	cpe:2.3:o:apple:mac_os_x:10.2.2:::::::*
	cpe:2.3:o:apple:mac_os_x:10.2.3:::::::*
	cpe:2.3:o:apple:mac_os_x:10.2.4:::::::*
	cpe:2.3:o:apple:mac_os_x:10.2.5:::::::*
	cpe:2.3:o:apple:mac_os_x:10.2.6:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.2:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::*
	cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html
http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html
http://docs.info.apple.com/article.html?artnum=120232

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-07-10T04:00:00

Updated: 2024-08-08T01:58:10.963Z

Reserved: 2003-07-07T00:00:00

Link: CVE-2003-0518

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2003-08-18T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2003-0518

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-07-04T00:00:00", "descriptions": [{"lang": "en", "value": "The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-15T16:35:57", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030715 FIXED: MacOSX - crash screensaver locked with password and get thedesktop back", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html"}, {"name": "20030704 MacOSX - crash screensaver locked with password and get the desktop back", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=120232"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0518", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030715 FIXED: MacOSX - crash screensaver locked with password and get thedesktop back", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html"}, {"name": "20030704 MacOSX - crash screensaver locked with password and get the desktop back", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html"}, {"name": "http://docs.info.apple.com/article.html?artnum=120232", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=120232"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:58:10.963Z"}, "title": "CVE Program Container", "references": [{"name": "20030715 FIXED: MacOSX - crash screensaver locked with password and get thedesktop back", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html"}, {"name": "20030704 MacOSX - crash screensaver locked with password and get the desktop back", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=120232"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0518", "datePublished": "2003-07-10T04:00:00", "dateReserved": "2003-07-07T00:00:00", "dateUpdated": "2024-08-08T01:58:10.963Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow."}, {"lang": "es", "value": "El salvapantallas de MacOS X permite a usuarios con acceso f\u00edsico a la m\u00e1quina hacer que el salvapantallas se caiga y ganar acceso a la sesi\u00f3n subyacente mediante un n\u00famero de caracteres largo en el campo de contrase\u00f1a, posiblemente disparando un desbordamiento de b\u00fafer."}], "id": "CVE-2003-0518", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-08-18T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html"}, {"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=120232"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=120232"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}