Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-3621 | 9.3 |
VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving H.264 encoded media.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3622 | 4.3 |
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injecti
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3610 | 7.6 |
Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-password account is enabled, allows attackers to bypass password authentication and login to any account via multiple attempts to login to the blank-password account,
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3617 | 5.0 |
Remote Management and Screen Sharing in Apple Mac OS X 10.5 through 10.5.4, when used to set a password for a VNC viewer, displays additional input characters beyond the maximum password length, which might make it easier for attackers to guess passw
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3611 | 6.3 |
Login Window in Apple Mac OS X 10.4.11 does not clear the current password when a user makes a password-change attempt that is denied by policy, which allows opportunistic, physically proximate attackers to bypass authentication and change this user'
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3608 | 9.3 |
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3613 | 6.1 |
Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3609 | 7.2 |
The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly flush cached credentials during recycling (aka purging) of a vnode, which might allow local users to bypass the intended read or write permissions of a file.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3618 | 9.0 |
The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vuln
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3616 | 10.0 |
Multiple integer overflows in the SearchKit API in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via vectors associated with "passing untrus
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3619 | 2.1 |
Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-2329 | 1.9 |
Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window.
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-2332 | 9.3 |
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image.
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-2330 | 4.9 |
slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "ins
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-2312 | 4.9 |
Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file.
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-2331 | 5.0 |
Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might allow local users to leverage weak permissions that w
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-2305 | 9.3 |
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names."
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 |