Vulnerabilities > Apple > MAC OS X > 10.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-18 | CVE-2008-1000 | Path Traversal vulnerability in Apple mac OS X and mac OS X Server Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments. | 8.5 |
2008-03-18 | CVE-2008-0999 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference. | 7.1 |
2008-03-18 | CVE-2008-0998 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4.11 and 10.5.2 allows local users to bypass authorization and execute arbitrary code via crafted distributed objects. | 6.9 |
2008-03-18 | CVE-2008-0996 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials. | 1.7 |
2008-03-18 | CVE-2008-0995 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |
2008-03-18 | CVE-2008-0994 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |
2008-03-18 | CVE-2008-0993 | Information Exposure vulnerability in Apple Podcast Producer Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings. | 2.1 |
2008-03-18 | CVE-2008-0992 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value. | 5.8 |
2008-03-18 | CVE-2008-0989 | USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname. | 6.9 |
2008-03-18 | CVE-2008-0987 | Buffer Errors vulnerability in Apple Aperture and Iphoto Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image. | 6.8 |