Vulnerabilities > Apple > MAC OS X > 10.3.5

DATE CVE VULNERABILITY TITLE RISK
2006-11-30 CVE-2006-4412 Multiple Security vulnerability in Apple Mac OS X 2006-007
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects.
network
apple
6.8
2006-11-30 CVE-2006-4411 Multiple Security vulnerability in Apple Mac OS X 2006-007
The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors.
local
low complexity
apple
7.2
2006-11-30 CVE-2006-4407 Multiple Security vulnerability in Apple Mac OS X 2006-007
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic.
network
low complexity
apple
5.0
2006-11-30 CVE-2006-4406 Multiple Security vulnerability in Apple Mac OS X 2006-007
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
apple
7.5
2006-11-30 CVE-2006-4404 Multiple Security vulnerability in Apple Mac OS X 2006-007
The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges.
network
low complexity
apple
critical
10.0
2006-11-30 CVE-2006-4403 Multiple Security vulnerability in Apple Mac OS X 2006-007
The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames.
network
high complexity
apple
4.0
2006-11-30 CVE-2006-4402 Multiple Security vulnerability in Apple Mac OS X 2006-007
Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files.
network
high complexity
apple
5.1
2006-11-30 CVE-2006-4401 Multiple Security vulnerability in Apple Mac OS X 2006-007
Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI.
network
high complexity
apple
5.1
2006-11-30 CVE-2006-4400 Multiple Security vulnerability in Apple Mac OS X 2006-007
Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files.
network
high complexity
apple
5.1
2006-11-30 CVE-2006-4396 Multiple Security vulnerability in Apple Mac OS X 2006-007
The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack.
local
low complexity
apple
4.6