Vulnerabilities > Apple > MAC OS X Server > 10.5.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-10-10 | CVE-2008-3645 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. | 7.2 |
| 2008-10-10 | CVE-2008-3643 | Multiple Security vulnerability in RETIRED: Apple Mac OS X 2008-007 Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue." | 7.8 |
| 2008-10-10 | CVE-2008-3642 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile. | 9.3 |
| 2008-09-26 | CVE-2008-3638 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from accessing file:// URLs, which allows remote attackers to execute arbitrary programs. | 9.3 |
| 2008-09-26 | CVE-2008-3637 | Improper Initialization vulnerability in Apple mac OS X and mac OS X Server The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue." | 8.8 |