Vulnerabilities > Apple > MAC OS X

DATE CVE VULNERABILITY TITLE RISK
2005-12-31 CVE-2005-2713 Multiple vulnerability in Apple Mac OS X Security Update 2006-001
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
local
low complexity
apple
6.8
6.8
2005-12-31 CVE-2005-2194 TCP/IP Remote Denial Of Service vulnerability in Apple Mac OSX
Unspecified vulnerability in the Apple Mac OS X kernel before 10.4.2 allows remote attackers to cause a denial of service (kernel panic) via a crafted TCP packet, possibly related to source routing or loose source routing.
network
low complexity
apple
5.0
5.0
2005-12-31 CVE-2005-1726 Multiple vulnerability in Apple mac OS X 10.4.1
The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions."
local
low complexity
apple
4.6
4.6
2005-12-31 CVE-2005-0985 Denial-Of-Service vulnerability in Apple Mac OS X
Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver.
local
low complexity
apple
2.1
2.1
2005-12-22 CVE-2005-4504 Remote Denial of Service vulnerability in Apple Mac OS X KHTMLParser
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag.
network
low complexity
apple
7.8
7.8
2005-12-01 CVE-2005-3705 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.
network
low complexity
apple
7.5
7.5
2005-12-01 CVE-2005-3704 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL).
network
low complexity
apple
5.0
5.0
2005-12-01 CVE-2005-3702 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.
network
low complexity
apple
5.0
5.0
2005-12-01 CVE-2005-3700 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors.
local
low complexity
apple
4.6
4.6
2005-12-01 CVE-2005-2757 Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009
Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."
network
low complexity
apple
7.5
7.5