CVE-2005-4217
- EPSS 2.74%
- Veröffentlicht 14.12.2005 11:03:00
- Zuletzt bearbeitet 16.06.2026 22:18:22
Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges.
CVE-2005-2757
- EPSS 3.53%
- Veröffentlicht 01.12.2005 02:07:00
- Zuletzt bearbeitet 16.06.2026 22:15:37
Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."
CVE-2005-3700
- EPSS 0.38%
- Veröffentlicht 01.12.2005 02:07:00
- Zuletzt bearbeitet 16.06.2026 22:17:27
Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors.
CVE-2005-3701
- EPSS 0.36%
- Veröffentlicht 01.12.2005 02:07:00
- Zuletzt bearbeitet 16.06.2026 22:17:27
Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an Open Directory master server, allows local users to gain privileges via unknown attack vectors.
- EPSS 2.06%
- Veröffentlicht 01.12.2005 02:07:00
- Zuletzt bearbeitet 16.06.2026 22:17:27
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.
- EPSS 1.51%
- Veröffentlicht 01.12.2005 02:07:00
- Zuletzt bearbeitet 16.06.2026 22:17:27
System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL).
CVE-2005-3705
- EPSS 3.61%
- Veröffentlicht 01.12.2005 02:07:00
- Zuletzt bearbeitet 16.06.2026 22:17:28
Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.
CVE-2005-2739
- EPSS 0.35%
- Veröffentlicht 01.11.2005 12:47:00
- Zuletzt bearbeitet 16.06.2026 22:15:35
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
CVE-2005-2749
- EPSS 0.37%
- Veröffentlicht 01.11.2005 12:47:00
- Zuletzt bearbeitet 16.06.2026 22:15:36
Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability.
CVE-2005-2750
- EPSS 0.35%
- Veröffentlicht 01.11.2005 12:47:00
- Zuletzt bearbeitet 16.06.2026 22:15:36
Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed.