Mac Os X Server Security Vulnerabilities and Issues — Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

6 matches found

CVE•added 2005/06/13 4:0 a.m.•50 views

CVE-2005-1474

Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933.

7.5CVSS6AI score0.01548EPSS

CVE•added 2005/06/16 4:0 a.m.•42 views

CVE-2005-1722

Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions.

7.2CVSS6.6AI score0.00048EPSS

CVE•added 2005/06/14 4:0 a.m.•42 views

CVE-2005-1727

Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions."

3.7CVSS5.9AI score0.00046EPSS

CVE•added 2005/06/14 4:0 a.m.•41 views

CVE-2005-1725

launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.

2.1CVSS5.9AI score0.00161EPSS

CVE•added 2005/06/14 4:0 a.m.•40 views

CVE-2005-1723

LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions.

7.5CVSS6.2AI score0.00467EPSS

CVE•added 2005/06/14 4:0 a.m.•37 views

CVE-2005-1724

NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions.

7.5CVSS6.4AI score0.00311EPSS