U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 248 matching records.
Displaying matches 241 through 248.
Vuln ID Summary CVSS Severity
CVE-2006-1470

OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error.

Published: June 27, 2006; 6:13:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2006-1471

Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file.

Published: June 27, 2006; 6:13:00 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2006-1455

QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference.

Published: May 12, 2006; 5:02:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2006-1456

Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging.

Published: May 12, 2006; 5:02:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2006-1457

Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink.

Published: May 12, 2006; 5:02:00 PM -0400
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2006-1983

Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.

Published: April 21, 2006; 6:02:00 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2006-1985

Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function.

Published: April 21, 2006; 6:02:00 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2005-3782

Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username.

Published: December 31, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW