Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.
Max CVSS
5.0
EPSS Score
39.32%
Published
2005-08-17
Updated
2008-09-05
CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection.
Max CVSS
5.0
EPSS Score
1.12%
Published
2005-08-19
Updated
2008-09-05
CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).
Max CVSS
5.0
EPSS Score
1.12%
Published
2005-08-19
Updated
2008-09-05
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
0.82%
Published
2005-08-19
Updated
2008-09-05
Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.
Max CVSS
5.1
EPSS Score
0.70%
Published
2005-08-19
Updated
2008-09-05
Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-08-19
Updated
2008-09-05
The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.
Max CVSS
2.1
EPSS Score
0.05%
Published
2005-08-19
Updated
2008-09-05
slpd in Directory Services in Mac OS X 10.3.9 creates insecure temporary files as root, which allows local users to gain privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-08-19
Updated
2008-09-05
Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
Max CVSS
7.5
EPSS Score
4.38%
Published
2005-08-19
Updated
2008-09-05
Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.
Max CVSS
2.6
EPSS Score
0.06%
Published
2005-08-19
Updated
2008-09-05
Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
0.23%
Published
2005-08-19
Updated
2008-09-05
Quartz Composer Screen Saver in Mac OS X 10.4.2 allows local users to access links from the RSS Visualizer even when a password is required.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-08-19
Updated
2008-09-05
Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.
Max CVSS
7.5
EPSS Score
0.04%
Published
2005-08-19
Updated
2008-09-05
Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields.
Max CVSS
5.0
EPSS Score
0.26%
Published
2005-08-19
Updated
2008-09-05
Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-08-19
Updated
2008-09-05
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window.
Max CVSS
10.0
EPSS Score
0.20%
Published
2005-08-19
Updated
2008-09-05
The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less restrictive than intended by the administrator.
Max CVSS
4.6
EPSS Score
0.05%
Published
2005-08-19
Updated
2008-09-05
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
Max CVSS
2.1
EPSS Score
0.05%
Published
2005-08-19
Updated
2008-09-05
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-08-19
Updated
2008-09-05
Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
Max CVSS
7.5
EPSS Score
1.92%
Published
2005-08-19
Updated
2008-09-05
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.
Max CVSS
5.0
EPSS Score
0.28%
Published
2005-08-19
Updated
2008-09-05
Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation.
Max CVSS
7.5
EPSS Score
0.85%
Published
2005-08-19
Updated
2008-09-05
The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-08-19
Updated
2008-09-05
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
Max CVSS
4.6
EPSS Score
0.17%
Published
2005-08-19
Updated
2008-09-10
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
Max CVSS
5.1
EPSS Score
0.49%
Published
2005-08-19
Updated
2008-09-10
26 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!