10.3.8

DATE	CVE	VULNERABILITY TITLE	RISK
2005-10-25	CVE-2005-2744	Multiple vulnerability in Apple Mac OS X Security Update 2005-008 Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file. network high complexity apple	5.1
2005-08-19	CVE-2005-2509	Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts. local low complexity apple	2.1
2005-07-18	CVE-2005-1689	Double Free vulnerability in multiple products Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. network low complexity mit apple debian CWE-415 critical	9.8
2005-05-19	CVE-2005-1260	Resource Exhaustion vulnerability in multiple products bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). network low complexity bzip canonical debian apple CWE-400	5.0
2005-05-12	CVE-2005-0974	Unspecified vulnerability in Apple mac OS X Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. local low complexity apple	7.2
2005-05-12	CVE-2005-0973	Unspecified vulnerability in Apple mac OS X Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments. local low complexity apple	2.1
2005-05-12	CVE-2005-0972	Unspecified vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters. local low complexity apple	7.2
2005-05-12	CVE-2005-0971	Unspecified vulnerability in Apple mac OS X Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. local low complexity apple	4.6
2005-05-12	CVE-2005-0969	Unspecified vulnerability in Apple mac OS X Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters. local low complexity apple	4.6
2005-05-04	CVE-2005-1342	Multiple vulnerability in Apple Mac OS X The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. network low complexity apple	7.5