Vulnerabilities > Apple > MAC OS X Server > 10.5.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-13 | CVE-2009-0141 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple mac OS X and mac OS X Server XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure world-writable permissions, which allows local users to write to the Xterm of another user. | 5.5 |
2009-02-13 | CVE-2009-0140 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name. | 9.3 |
2009-02-13 | CVE-2009-0139 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow. | 9.3 |
2009-02-13 | CVE-2009-0138 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration. | 10.0 |
2009-02-13 | CVE-2009-0137 | Improper Input Validation vulnerability in Apple Safari Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows XP and Vista, allow remote attackers to execute arbitrary JavaScript in the local security zone via a crafted feed: URL, related to "input validation issues." | 10.0 |
2009-02-13 | CVE-2009-0020 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption. | 7.8 |
2009-02-13 | CVE-2009-0019 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access. | 7.5 |
2009-02-13 | CVE-2009-0018 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory. | 7.8 |
2009-02-13 | CVE-2009-0017 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow. | 7.2 |
2009-02-13 | CVE-2009-0015 | Credentials Management vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows local users to obtain sensitive information (filesystem activities and directory names) via unknown vectors related to "credential management." | 4.9 |