Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.
Max CVSS
9.4
EPSS Score
2.09%
Published
2007-12-18
Updated
2011-03-08
Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote attackers to sniff account activity.
Max CVSS
6.4
EPSS Score
0.78%
Published
2007-12-19
Updated
2017-07-29
2 vulnerabilities found