CVE-2004-1081

3 documents3 sources

Severity

2.1LOW

EPSS

0.1%

top 76.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Darwin Streaming Server Apple MAC OS X Apple MAC OS X Server +1 more

Timeline

PublishedDec 2

Latest updateApr 29

Description

The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages4 packages

▶NVDapple/mac_os_x16 versions+15

▶NVDapple/mac_os_x_server16 versions+15

▶NVDapple/darwin_streaming_server4.1.3, 5.0.1+1

▶NVDapple/quicktime_streaming_server4.1.1

Patches

Patch: lists.apple.com ↗Patch: secunia.com ↗Patch: www.ciac.org ↗

🔴Vulnerability Details

GHSA

GHSA-vw9r-9m5q-6jf5: The Application Framework (AppKit) for Apple Mac OS X 10↗2022-04-29

▶

CVEList

CVE-2004-1081: The Application Framework (AppKit) for Apple Mac OS X 10↗2005-04-14

▶