Vulnerabilities > Apple > MAC OS X Server > 10.5.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-20 | CVE-2010-0036 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | 9.3 |
| 2009-12-08 | CVE-2009-2843 | Cryptographic Issues vulnerability in Apple mac OS X and mac OS X Server Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet. | 5.0 |
| 2009-11-10 | CVE-2009-2840 | Multiple Security vulnerability in RETIRED: Apple Mac OS X 2009-006 Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors. | 4.9 |
| 2009-11-10 | CVE-2009-2839 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | 6.8 |
| 2009-11-10 | CVE-2009-2835 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors. | 4.6 |
| 2009-11-10 | CVE-2009-2834 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server IOKit in Apple Mac OS X before 10.6.2 allows local users to modify the firmware of a (1) USB or (2) Bluetooth keyboard via unspecified vectors. | 4.9 |
| 2009-11-10 | CVE-2009-2833 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 7.5 |
| 2009-11-10 | CVE-2009-2832 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Server Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a CWD command specifying a pathname in a deeply nested hierarchy of directories, related to a "CWD command line tool." Per: http://support.apple.com/kb/HT3937 "This issue affects Mac OS X Server systems only" | 5.1 |
| 2009-11-10 | CVE-2009-2831 | Multiple Security vulnerability in RETIRED: Apple Mac OS X 2009-006 Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any contents, and thereby execute arbitrary code, via crafted JavaScript, related to a "design issue." low complexity apple | 5.8 |
| 2009-11-10 | CVE-2009-2829 | Credentials Management vulnerability in Apple mac OS X Server 10.5.8 Event Monitor in Apple Mac OS X 10.5.8 does not properly handle crafted authentication data sent to an SSH daemon, which allows remote attackers to cause a denial of service via vectors involving processing of XML log documents by other services, related to a "log injection" issue. | 5.0 |