Vulnerabilities > Apple > MAC OS X Server > 10.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-18 | CVE-2008-0993 | Information Exposure vulnerability in Apple Podcast Producer Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings. | 2.1 |
2008-03-18 | CVE-2008-0992 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value. | 5.8 |
2008-03-18 | CVE-2008-0989 | USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname. | 6.9 |
2008-03-18 | CVE-2008-0987 | Buffer Errors vulnerability in Apple Aperture and Iphoto Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image. | 6.8 |
2008-03-18 | CVE-2008-0060 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link. | 6.8 |
2008-03-18 | CVE-2008-0047 | Buffer Errors vulnerability in Cups 1.3.5 Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | 9.3 |
2008-03-18 | CVE-2008-0046 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions. | 5.0 |
2008-03-18 | CVE-2008-0044 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL. | 5.8 |
2007-12-07 | CVE-2007-6276 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. | 7.8 |
2007-12-06 | CVE-2007-5971 | Resource Management Errors vulnerability in MIT Kerberos 5 Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. | 6.9 |