10.3.8

DATE	CVE	VULNERABILITY TITLE	RISK
2006-03-06	CVE-2006-0387	Multiple vulnerability in Apple Mac OS X Security Update 2006-001 Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. network low complexity apple	6.4
2006-03-03	CVE-2006-0388	Code Injection vulnerability in Apple mac OS X and mac OS X Server Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. local high complexity apple CWE-94	2.6
2006-03-03	CVE-2006-0386	Multiple vulnerability in Apple Mac OS X Security Update 2006-001 FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. local low complexity apple	1.7
2006-03-02	CVE-2006-0384	Multiple vulnerability in Apple Mac OS X Security Update 2006-001 automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". network low complexity apple	7.5
2006-03-02	CVE-2006-0383	Multiple vulnerability in Apple Mac OS X Security Update 2006-001 IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". network low complexity apple	5.0
2005-12-31	CVE-2005-2714	Link Following vulnerability in Apple mac OS X and mac OS X Server passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. local low complexity apple CWE-59	6.8
2005-12-31	CVE-2005-2713	Multiple vulnerability in Apple Mac OS X Security Update 2006-001 passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. local low complexity apple	6.8
2005-12-22	CVE-2005-4504	Remote Denial of Service vulnerability in Apple Mac OS X KHTMLParser The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. network low complexity apple	7.8
2005-12-01	CVE-2005-2757	Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." network low complexity apple	7.5
2005-11-01	CVE-2005-2752	Information Exposure vulnerability in Apple mac OS X and mac OS X Server An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. local low complexity apple CWE-200	2.1