Vulnerabilities > Apple > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-10-25 | CVE-2005-2748 | Unspecified vulnerability in Apple mac OS X and mac OS X Server The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application. | 2.1 |
| 2005-08-19 | CVE-2005-2509 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts. | 2.1 |
| 2005-08-19 | CVE-2005-2512 | Unspecified vulnerability in Apple mac OS X and Mail Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak. | 2.1 |
| 2005-08-19 | CVE-2005-2517 | Unspecified vulnerability in Apple mac OS X and Safari Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site. | 2.6 |
| 2005-08-19 | CVE-2005-2520 | Unspecified vulnerability in Apple mac OS X 10.4/10.4.1/10.4.2 The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords. | 2.1 |
| 2005-07-19 | CVE-2005-2196 | Unspecified vulnerability in Apple Airport Card The Apple AirPort card uses a default WEP key when not connected to a known or trusted network, which can cause it to automatically connect to a malicious network. | 2.1 |
| 2005-07-13 | CVE-2005-2272 | Unspecified vulnerability in Apple Safari 2.0 Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability." | 2.6 |
| 2005-06-16 | CVE-2005-1720 | Unspecified vulnerability in Apple AFP Server AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | 2.1 |
| 2005-06-08 | CVE-2005-1725 | Unspecified vulnerability in Apple mac OS X Server 10.4/10.4.1 launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory. | 2.1 |
| 2005-06-08 | CVE-2005-1727 | Unspecified vulnerability in Apple mac OS X Server 10.4/10.4.1 Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions." | 3.7 |