Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-03-03 | CVE-2006-0389 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. | 2.6 |
| 2006-03-03 | CVE-2006-0388 | Code Injection vulnerability in Apple mac OS X and mac OS X Server Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. | 2.6 |
| 2006-03-03 | CVE-2006-0386 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. | 1.7 |
| 2006-03-02 | CVE-2006-0384 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". | 7.5 |
| 2006-03-02 | CVE-2006-0383 | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". | 5.0 |
| 2006-02-22 | CVE-2006-0848 | Configuration vulnerability in Apple mac OS X and mac OS X Server The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. | 5.1 |
| 2006-02-14 | CVE-2006-0382 | Local Denial Of Service vulnerability in Apple mac OS X 10.4.5 Apple Mac OS X 10.4.5 and allows local users to cause a denial of service (crash) via an undocumented system call. | 2.1 |
| 2005-12-31 | CVE-2005-4678 | Remote Security vulnerability in Apple Safari 2.0.2 Apple Safari 2.0.2 (aka 416.12) allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. | 5.0 |
| 2005-12-31 | CVE-2005-3782 | Denial-Of-Service vulnerability in Apple Mac OS X Server Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. | 2.1 |
| 2005-12-31 | CVE-2005-3714 | Resource Management Errors vulnerability in Apple Airport Express and Airport Extreme The network interface for Apple AirPort Express 6.x before Firmware Update 6.3, and AirPort Extreme 5.x before Firmware Update 5.7, allows remote attackers to cause a denial of service (unresponsive interface) via malformed packets. | 5.0 |