Search Results (Refine Search)
- CPE Product Version: cpe:/o:apple:mac_os_x:10.4.3
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2005-3712 |
Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
CVE-2005-3782 |
Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-4504 |
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. Published: December 22, 2005; 6:03:00 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2005-2757 |
Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." Published: November 30, 2005; 9:07:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2005-3700 |
Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors. Published: November 30, 2005; 9:07:00 PM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2005-3702 |
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. Published: November 30, 2005; 9:07:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-3704 |
System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). Published: November 30, 2005; 9:07:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-3705 |
Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors. Published: November 30, 2005; 9:07:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2005-1260 |
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). Published: May 19, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |