Vulnerabilities > Apple > MAC OS X Server > 10.4.3

DATE CVE VULNERABILITY TITLE RISK
2005-12-31 CVE-2005-3706 Multiple vulnerability in Apple Mac OS X Security Update 2006-001
Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory.
network
low complexity
apple
6.4
6.4
2005-12-31 CVE-2005-2714 Link Following vulnerability in Apple mac OS X and mac OS X Server
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file.
local
low complexity
apple CWE-59
6.8
6.8
2005-12-31 CVE-2005-2713 Multiple vulnerability in Apple Mac OS X Security Update 2006-001
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
local
low complexity
apple
6.8
6.8
2005-12-22 CVE-2005-4504 Remote Denial of Service vulnerability in Apple Mac OS X KHTMLParser
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.
network
low complexity
apple
7.8
7.8
2005-12-01 CVE-2005-3705 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.
network
low complexity
apple
7.5
7.5
2005-12-01 CVE-2005-3704 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL).
network
low complexity
apple
5.0
5.0
2005-12-01 CVE-2005-3702 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.
network
low complexity
apple
5.0
5.0
2005-12-01 CVE-2005-3701 Multiple vulnerability in Apple mac OS X Server 10.3.9/10.4.3
Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an Open Directory master server, allows local users to gain privileges via unknown attack vectors.
local
low complexity
apple
7.2
7.2
2005-12-01 CVE-2005-3700 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors.
local
low complexity
apple
4.6
4.6
2005-12-01 CVE-2005-2757 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."
network
low complexity
apple
7.5
7.5