Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-08 | CVE-2005-1725 | Unspecified vulnerability in Apple mac OS X Server 10.4/10.4.1 launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory. | 2.1 |
| 2005-06-08 | CVE-2005-1724 | Unspecified vulnerability in Apple mac OS X Server 10.4/10.4.1 NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions. | 7.5 |
| 2005-06-08 | CVE-2005-1723 | Unspecified vulnerability in Apple mac OS X Server 10.4/10.4.1 LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions. | 7.5 |
| 2005-05-26 | CVE-2005-1408 | Unspecified vulnerability in Apple Keynote 2.0.0/2.0.1 Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation. | 5.0 |
| 2005-05-19 | CVE-2005-1472 | Unspecified vulnerability in Apple mac OS X 10.4.1 Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories. | 2.1 |
| 2005-05-19 | CVE-2005-1260 | Resource Exhaustion vulnerability in multiple products bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | 5.0 |
| 2005-05-17 | CVE-2005-1307 | Local Privilege Escalation vulnerability in Adobe Version Cue The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | 7.2 |
| 2005-05-16 | CVE-2005-1248 | Buffer Overflow vulnerability in Apple iTunes MPEG4 Parsing Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file. | 7.5 |
| 2005-05-12 | CVE-2005-1579 | Information Disclosure vulnerability in Apple Quicktime 7.0 Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. | 5.0 |
| 2005-05-12 | CVE-2005-0974 | Unspecified vulnerability in Apple mac OS X Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. | 7.2 |