ID CVE-2005-2503
Summary AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
References
Vulnerable Configurations
  • cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 10-09-2008 - 19:42)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
apple
  • APPLE-SA-2005-08-15
  • APPLE-SA-2005-08-17
sectrack 1014696
Last major update 10-09-2008 - 19:42
Published 19-08-2005 - 04:00
Last modified 10-09-2008 - 19:42
Back to Top