cpe:2.3:o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.
Max CVSS
2.1
EPSS Score
0.04%
Published
2012-09-20
Updated
2013-06-06
Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network.
Max CVSS
4.3
EPSS Score
0.17%
Published
2012-02-02
Updated
2012-02-03
QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
Max CVSS
4.3
EPSS Score
0.94%
Published
2011-10-14
Updated
2012-01-14
CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."
Max CVSS
5.0
EPSS Score
0.15%
Published
2011-10-14
Updated
2012-01-14
The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory.
Max CVSS
2.1
EPSS Score
0.04%
Published
2011-03-23
Updated
2011-03-24
slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "insecure file operation issue."
Max CVSS
4.9
EPSS Score
0.04%
Published
2008-09-16
Updated
2017-08-08
Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window.
Max CVSS
1.9
EPSS Score
0.07%
Published
2008-09-16
Updated
2017-08-08
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!