Vulnerabilities > Apple > MAC OS X > 10.4.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-11-30 | CVE-2006-4398 | Multiple Security vulnerability in Apple Mac OS X 2006-007 Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests. | 7.2 |
| 2006-11-30 | CVE-2006-4396 | Multiple Security vulnerability in Apple Mac OS X 2006-007 The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack. | 4.6 |
| 2006-10-03 | CVE-2006-4399 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not actually supported, which could result in less secure password management than intended. | 2.1 |
| 2006-10-03 | CVE-2006-4397 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 prevents Kerberos tickets from being destroyed if a user does not successfully log on to a network account from the login window, which might allow later users to gain access to the original user's Kerberos tickets. | 4.6 |
| 2006-10-03 | CVE-2006-4395 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows context-dependent attackers to cause a denial of service ("memory corruption" and crash) via a crafted PICT image that is not properly handled by a certain "unsupported QuickDraw operation." | 5.1 |
| 2006-10-03 | CVE-2006-4394 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIds to bypass service access controls and log into the system using loginwindow via unknown vectors. | 7.5 |
| 2006-10-03 | CVE-2006-4393 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users. | 3.7 |
| 2006-10-03 | CVE-2006-4392 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function. | 7.2 |
| 2006-10-03 | CVE-2006-4391 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to execute arbitrary code via a malformed JPEG2000 image. | 5.1 |
| 2006-10-03 | CVE-2006-4390 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted. | 2.6 |