CVE-2005-2748
- EPSS 0.34%
- Veröffentlicht 25.10.2005 22:06:00
- Zuletzt bearbeitet 16.06.2026 22:15:36
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.
CVE-2005-2501
- EPSS 4.21%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:01
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.
CVE-2005-2502
- EPSS 3.34%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:01
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
CVE-2005-2503
- EPSS 0.39%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:01
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
CVE-2005-2504
- EPSS 0.4%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:01
The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.
- EPSS 1.29%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:06
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.
CVE-2005-2507
- EPSS 6.18%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:06
Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
CVE-2005-2508
- EPSS 0.69%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:06
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
CVE-2005-2509
- EPSS 0.39%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:06
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
CVE-2005-2510
- EPSS 0.39%
- Veröffentlicht 19.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:15:06
The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall p...