Vulnerabilities > Apple > MAC OS X > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-09-11 | CVE-2008-3634 | Information Exposure vulnerability in Apple Itunes Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information. | 2.6 |
| 2008-06-02 | CVE-2008-1033 | Permissions, Privileges, and Access Controls vulnerability in Apple Cups The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to "authentication environment variables." | 2.1 |
| 2008-06-02 | CVE-2008-1578 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process. | 2.1 |
| 2008-03-18 | CVE-2008-0993 | Information Exposure vulnerability in Apple Podcast Producer Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings. | 2.1 |
| 2008-03-18 | CVE-2008-0994 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |
| 2008-03-18 | CVE-2008-0995 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods. | 2.6 |
| 2008-03-18 | CVE-2008-0996 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials. | 1.7 |
| 2008-03-18 | CVE-2008-0049 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications. | 1.9 |
| 2008-02-12 | CVE-2008-0038 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X 10.5/10.5.1 Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninstalled application to be launched if it is in a Time Machine backup, which might allow local users to bypass intended security restrictions or exploit vulnerabilities in the application. | 1.9 |
| 2007-12-19 | CVE-2007-5851 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X 10.4.11 iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. | 3.6 |