Vulnerabilities > Apple > MAC OS X Server > 10.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-31 | CVE-2005-2714 | Link Following vulnerability in Apple mac OS X and mac OS X Server passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. | 6.8 |
2005-12-31 | CVE-2005-2713 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. | 6.8 |
2005-12-22 | CVE-2005-4504 | Remote Denial of Service vulnerability in Apple Mac OS X KHTMLParser The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. | 7.8 |
2005-12-01 | CVE-2005-3704 | Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). | 5.0 |
2005-12-01 | CVE-2005-2757 | Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." | 7.5 |
2005-11-01 | CVE-2005-2752 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. | 2.1 |
2005-11-01 | CVE-2005-2751 | Local vulnerability in Apple Mac OS X Security Update 2005-10-31 memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group. | 2.1 |
2005-11-01 | CVE-2005-2749 | Local vulnerability in Apple Mac OS X Security Update 2005-10-31 Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. | 2.1 |
2005-11-01 | CVE-2005-2739 | Local vulnerability in Apple Mac OS X Security Update 2005-10-31 Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. | 2.1 |
2005-10-25 | CVE-2005-2744 | Multiple vulnerability in Apple Mac OS X Security Update 2005-008 Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file. | 5.1 |