Vulnerabilities > Apple > MAC OS X Server > 10.5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-09-16 | CVE-2008-3608 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile. | 9.3 |
| 2008-09-16 | CVE-2008-2332 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image. | 9.3 |
| 2008-09-16 | CVE-2008-2331 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might allow local users to leverage weak permissions that were not intended by an administrator. | 5.0 |
| 2008-09-16 | CVE-2008-2330 | Information Exposure vulnerability in Apple mac OS X Server slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "insecure file operation issue." | 4.9 |
| 2008-09-16 | CVE-2008-2329 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window. | 1.9 |
| 2008-09-16 | CVE-2008-2305 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names." | 9.3 |
| 2008-08-04 | CVE-2008-2325 | Resource Management Errors vulnerability in Apple Quicklook QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office file, related to insufficient "bounds checking." | 9.3 |
| 2008-08-04 | CVE-2008-2322 | Numeric Errors vulnerability in Apple Coregraphics Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow. | 9.3 |
| 2008-08-04 | CVE-2008-2321 | Resource Management Errors vulnerability in Apple Coregraphics Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments." | 9.3 |
| 2008-08-04 | CVE-2008-2320 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Carboncore Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long filename to the file management API. | 9.3 |