Lucene search

[email protected]CVE-2004-0622

HistoryDec 06, 2004 - 5:00 a.m.

CVE-2004-0622

2004-12-0605:00:00

[email protected]

web.nvd.nist.gov

apple

mac os x

security

vulnerability

memory

keychain

filevault

nvd

cve-2004-0622

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.3%

JSON

Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory.

Affected configurations

NVD

Node

applemac_os_xMatch10.3.4

applemac_os_xMatch10.4

applemac_os_xMatch10.5

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.3.4
apple:mac_os_xapple mac os xeq10.4
apple:mac_os_xapple mac os xeq10.5

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.3.4
apple:mac_os_x	apple mac os x	eq	10.4
apple:mac_os_x	apple mac os x	eq	10.5

References

citp.princeton.edu/pub/coldboot.pdf

marc.info/?l=bugtraq&m=108819559925981&w=2

www.securityfocus.com/archive/1/488930/100/100/threaded

www.securityfocus.com/archive/1/488948/100/100/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/16557

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.3%

JSON

Related for CVE-2004-0622

cvelist1 nvd1