Vulnerabilities > Apple > MAC OS X > 10.5.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-13 | CVE-2009-0138 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration. | 10.0 |
2009-02-13 | CVE-2009-0137 | Improper Input Validation vulnerability in Apple Safari Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows XP and Vista, allow remote attackers to execute arbitrary JavaScript in the local security zone via a crafted feed: URL, related to "input validation issues." | 10.0 |
2009-02-13 | CVE-2009-0020 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption. | 7.8 |
2009-02-13 | CVE-2009-0019 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access. | 7.5 |
2009-02-13 | CVE-2009-0018 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory. | 7.8 |
2009-02-13 | CVE-2009-0017 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow. | 7.2 |
2009-02-13 | CVE-2009-0015 | Credentials Management vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows local users to obtain sensitive information (filesystem activities and directory names) via unknown vectors related to "credential management." | 4.9 |
2009-02-13 | CVE-2009-0014 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder. | 2.1 |
2009-02-13 | CVE-2009-0013 | Credentials Management vulnerability in Apple mac OS X and mac OS X Server dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information. | 2.1 |
2009-02-13 | CVE-2009-0012 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string. | 10.0 |