Vulnerabilities > Apple > MAC OS X > Low

DATE CVE VULNERABILITY TITLE RISK
2005-01-27 CVE-2004-0923 Local Password Disclosure vulnerability in CUPS Error_Log
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
local
low complexity
easy-software-products apple
2.1
2004-12-31 CVE-2004-0824 Symbolic Link vulnerability in Apple PPPDialer Insecure Log File Creation
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files.
local
low complexity
apple
2.1
2004-12-06 CVE-2004-0622 Information Disclosure vulnerability in Apple mac OS X 10.3.4/10.4/10.5
Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory.
local
low complexity
apple
2.1
2004-12-02 CVE-2004-1081 Remote And Local vulnerability in Apple Mac OS X
The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.
local
low complexity
apple
2.1
2004-12-02 CVE-2004-1085 Remote And Local vulnerability in Apple Mac OS X
Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.
local
low complexity
apple
2.1
2004-12-02 CVE-2004-1087 Remote And Local vulnerability in Apple Mac OS X
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.
local
low complexity
apple
2.1
2004-03-03 CVE-2004-0087 Unspecified vulnerability in Apple mac OS X 10.2.8/10.3.2
The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network settings, a different vulnerability than CVE-2004-0088.
local
low complexity
apple
2.1
2004-03-03 CVE-2004-0088 Unspecified vulnerability in Apple mac OS X 10.2.8
The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087.
local
low complexity
apple
2.1
2003-11-17 CVE-2001-1412 Unspecified vulnerability in Apple mac OS X 10.4.9
nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.
local
low complexity
apple
2.1
2003-11-03 CVE-2003-0876 Unspecified vulnerability in Apple mac OS X and mac OS X Server
Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.
local
low complexity
apple
2.1