Apple macOS vulnerabilities

3,139 known vulnerabilities affecting apple/mac_os_x.

Total CVEs: 3,139
CISA KEV: 26 (actively exploited)
Public exploits: 277
Exploited in wild: 28
Severity breakdown: CRITICAL 302, HIGH 1409, MEDIUM 1236, LOW 192

Vulnerabilities

Page 150 of 157
CVE-2005-2502 | MEDIUM | CVSS 5.1 | v10.3.9, v10.4.2 | 2005-08-19
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
nvd
CVE-2005-2525 | MEDIUM | CVSS 5.0 | v10.3.9, v10.4.2 | 2005-08-19
CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).
nvd
CVE-2005-2513 | MEDIUM | CVSS 5.0 | v10.4.2 | 2005-08-19
Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields.
nvd
CVE-2005-2520 | LOW | CVSS 2.1 | v10.4, v10.4.1, +1 more | 2005-08-19
The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.
nvd
CVE-2005-2512 | LOW | CVSS 2.1 | v10.4, v10.4.1, +1 more | 2005-08-19
Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.
nvd
CVE-2005-2517 | LOW | CVSS 2.6 | v10.3.9, v10.4.2 | 2005-08-19
Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.
nvd
CVE-2005-2509 | LOW | CVSS 2.1 | v10.0, v10.0.1, +31 more | 2005-08-19
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
nvd
CVE-2005-1689 | CRITICAL | CVSS 9.8 | CWE-415 | fixed in 10.4.2 | 2005-07-18
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
nvd
CVE-2005-1722 | HIGH | CVSS 7.2 | v10.4, v10.4.1 | 2005-06-16
Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions.
nvd
CVE-2005-1474 | HIGH | CVSS 7.5 | v10.4, v10.4.1 | 2005-06-13
Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933.
nvd
CVE-2005-1933 | HIGH | CVSS 7.5 | v10.4 | 2005-06-13
Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474.
nvd
CVE-2005-1473 | MEDIUM | CVSS 4.6 | v10.4.1 | 2005-06-13
SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.
nvd
CVE-2005-1728 | MEDIUM | CVSS 4.6 | v10.4, v10.4.1 | 2005-06-08
MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.
nvd
CVE-2005-1260 | MEDIUM | CVSS 5.0 | CWE-400 | fixed in 10.4.11 | 2005-05-19
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
nvd
CVE-2005-1472 | LOW | CVSS 2.1 | v10.4.1 | 2005-05-19
Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories.
nvd
CVE-2005-1307 | HIGH | CVSS 7.2 | PoC | v10.3.6 | 2005-05-17
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X use the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
nvd
CVE-2005-0974 | HIGH | CVSS 7.2 | v10.0, v10.0.1, +28 more | 2005-05-12
Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
nvd
CVE-2005-0972 | HIGH | CVSS 7.2 | v10.0, v10.0.1, +27 more | 2005-05-12
Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.
nvd
CVE-2005-0969 | MEDIUM | CVSS 4.6 | v10.0, v10.0.1, +27 more | 2005-05-12
Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters.
nvd
CVE-2005-0971 | MEDIUM | CVSS 4.6 | v10.0, v10.0.1, +28 more | 2005-05-12
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
nvd