Vulnerabilities > Apple > MAC OS X > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-03 | CVE-2006-4393 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users. | 3.7 |
| 2006-10-03 | CVE-2006-4399 | Multiple Security vulnerability in Apple Mac OS X Pre 10.4.8 User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not actually supported, which could result in less secure password management than intended. | 2.1 |
| 2006-08-03 | CVE-2006-3499 | Multiple Security vulnerability in Apple Mac OS X The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications. | 2.1 |
| 2006-08-02 | CVE-2006-3495 | Multiple Security vulnerability in Apple Mac OS X AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users. | 2.1 |
| 2006-07-06 | CVE-2006-3356 | Denial-Of-Service vulnerability in Mac OS X The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. | 2.6 |
| 2006-05-12 | CVE-2006-1439 | Information Exposure vulnerability in Apple mac OS X 10.4.6 NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events. | 2.1 |
| 2006-05-12 | CVE-2006-1440 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links. | 2.1 |
| 2006-05-12 | CVE-2006-1444 | Multiple vulnerability in Apple mac OS X 10.4.6 CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services. | 2.1 |
| 2006-05-12 | CVE-2006-1457 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | 2.6 |
| 2006-04-21 | CVE-2006-1981 | Local Security vulnerability in Mac OS X Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen. | 2.1 |