Vulnerabilities > Apple
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-31 | CVE-2005-1726 | Multiple vulnerability in Apple mac OS X 10.4.1 The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions." | 4.6 |
2005-12-31 | CVE-2005-0985 | Denial-Of-Service vulnerability in Apple Mac OS X Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver. | 2.1 |
2005-12-22 | CVE-2005-4504 | Remote Denial of Service vulnerability in Apple Mac OS X KHTMLParser The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. | 7.8 |
2005-12-14 | CVE-2005-4217 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Server 10.3.9 Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges. | 7.5 |
2005-12-08 | CVE-2005-4092 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes and Quicktime Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. | 7.5 |
2005-12-01 | CVE-2005-3705 | Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors. | 7.5 |
2005-12-01 | CVE-2005-3704 | Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). | 5.0 |
2005-12-01 | CVE-2005-3702 | Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. | 5.0 |
2005-12-01 | CVE-2005-3701 | Multiple vulnerability in Apple mac OS X Server 10.3.9/10.4.3 Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an Open Directory master server, allows local users to gain privileges via unknown attack vectors. | 7.2 |
2005-12-01 | CVE-2005-3700 | Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors. | 4.6 |