Vulnerabilities > Apple > MAC OS X Server > 10.3.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-02 | CVE-2004-1087 | Remote And Local vulnerability in Apple Mac OS X Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. | 2.1 |
2004-12-02 | CVE-2004-1086 | Remote And Local vulnerability in Apple Mac OS X Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file. | 7.5 |
2004-12-02 | CVE-2004-1085 | Remote And Local vulnerability in Apple Mac OS X Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. | 2.1 |
2004-12-02 | CVE-2004-1084 | Remote And Local vulnerability in Apple Mac OS X Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | 5.0 |
2004-12-02 | CVE-2004-1081 | Remote And Local vulnerability in Apple Mac OS X The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | 2.1 |
2004-10-07 | CVE-2005-0373 | Remote And Local vulnerability in Cyrus SASL Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | 7.5 |
2002-12-18 | CVE-2002-1347 | Incorrect Calculation of Buffer Size vulnerability in multiple products Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. | 9.8 |