Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-07-18 | CVE-2005-1689 | Double Free vulnerability in multiple products Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | 9.8 |
| 2005-07-13 | CVE-2005-2272 | Unspecified vulnerability in Apple Safari 2.0 Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability." | 2.6 |
| 2005-06-16 | CVE-2005-1722 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. | 7.2 |
| 2005-06-16 | CVE-2005-1721 | Unspecified vulnerability in Apple AFP Server Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code. | 7.5 |
| 2005-06-16 | CVE-2005-1720 | Unspecified vulnerability in Apple AFP Server AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | 2.1 |
| 2005-06-13 | CVE-2005-1933 | Remote Security vulnerability in Apple mac OS X 10.4 Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | 7.5 |
| 2005-06-13 | CVE-2005-1474 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | 7.5 |
| 2005-06-13 | CVE-2005-1473 | Unspecified vulnerability in Apple mac OS X 10.4.1 SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. | 4.6 |
| 2005-06-08 | CVE-2005-1728 | Unspecified vulnerability in Apple mac OS X 10.4/10.4.1 MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. | 4.6 |
| 2005-06-08 | CVE-2005-1727 | Unspecified vulnerability in Apple mac OS X Server 10.4/10.4.1 Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions." | 3.7 |