Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation.

Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.