Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-01 | CVE-2005-2757 | Multiple vulnerability in RETIRED: Apple Mac OS X Security Update 2005-009 Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." | 7.5 |
| 2005-11-29 | CVE-2005-3897 | Denial-Of-Service vulnerability in Apple Safari 2.0.2 Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function. | 7.8 |
| 2005-11-18 | CVE-2005-2938 | Permissions, Privileges, and Access Controls vulnerability in Apple Itunes 4.7.1.30/5.0 Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file. | 7.2 |
| 2005-11-05 | CVE-2005-2756 | Remote Buffer Overflow vulnerability in Apple QuickTime Compressed PICT Data Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion. | 5.1 |
| 2005-11-05 | CVE-2005-2755 | Denial of Service vulnerability in Apple QuickTime Null Pointer Dereference Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference. | 2.6 |
| 2005-11-05 | CVE-2005-2754 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | 5.1 |
| 2005-11-05 | CVE-2005-2753 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string. | 5.1 |
| 2005-11-01 | CVE-2005-2752 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406. | 2.1 |
| 2005-11-01 | CVE-2005-2751 | Local vulnerability in Apple Mac OS X Security Update 2005-10-31 memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group. | 2.1 |
| 2005-11-01 | CVE-2005-2750 | Local vulnerability in Apple mac OS X Server 10.4.2 Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed. | 2.1 |