Vulnerabilities > Apple > MAC OS X > 10.4.2

DATE CVE VULNERABILITY TITLE RISK
2005-08-19 CVE-2005-2508 Unspecified vulnerability in Apple mac OS X and mac OS X Server
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
local
low complexity
apple
4.6
4.6
2005-08-19 CVE-2005-2506 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.
network
low complexity
apple
5.0
5.0
2005-08-19 CVE-2005-2504 Unspecified vulnerability in Apple mac OS X and mac OS X Server
The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.
local
low complexity
apple
7.2
7.2
2005-08-19 CVE-2005-2503 Unspecified vulnerability in Apple mac OS X and mac OS X Server
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
local
low complexity
apple
4.6
4.6
2005-08-19 CVE-2005-2502 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
network
high complexity
apple
5.1
5.1
2005-08-19 CVE-2005-2501 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.
network
high complexity
apple
7.6
7.6
2005-07-18 CVE-2005-1689 Double Free vulnerability in multiple products
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
network
low complexity
mit apple debian CWE-415
critical
 9.8
9.8
2005-05-19 CVE-2005-1260 Resource Exhaustion vulnerability in multiple products
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
network
low complexity
bzip canonical debian apple CWE-400
5.0
5.0