Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mac os x 10.5.5 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-4212
Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote malicious users to bypass intended access restrictions.
Apple Mac Os X 10.5.5
Apple Mac Os X Server 10.5.5
Apple Mac Os X 10.4.11
Apple Mac Os X Server 10.4.11
4.6
CVSSv2
CVE-2008-4214
Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files.
Apple Mac Os X Server 10.5.5
Apple Mac Os X 10.4.11
Apple Mac Os X 10.5.5
Apple Mac Os X Server 10.4.11
9.3
CVSSv2
CVE-2008-3638
Java on Apple Mac OS X 10.5.4 and 10.5.5 does not prevent applets from accessing file:// URLs, which allows remote malicious users to execute arbitrary programs.
Apple Mac Os X Server 10.5.4
Apple Mac Os X Server 10.5.5
Apple Mac Os X 10.5.5
Apple Mac Os X 10.5.4
9.3
CVSSv2
CVE-2008-3642
Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote malicious users to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile.
Apple Mac Os X 10.4.11
Apple Mac Os X Server 10.4.11
Apple Mac Os X 10.5.5
Apple Mac Os X Server 10.5.5
7.2
CVSSv2
CVE-2008-3645
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors.
Apple Mac Os X 10.4.11
Apple Mac Os X Server 10.4.11
Apple Mac Os X 10.5.5
Apple Mac Os X Server 10.5.5
9.3
CVSSv2
CVE-2008-3647
Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote malicious users to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment.
Apple Mac Os X Server 10.5.5
Apple Mac Os X 10.4.11
Apple Mac Os X Server 10.4.11
Apple Mac Os X 10.5.5
7.8
CVSSv2
CVE-2008-3643
Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted malicious users to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue."...
Apple Mac Os X Server 10.5.5
Apple Mac Os X 10.5.5
9.3
CVSSv2
CVE-2008-3637
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote malicious users to execute arbitrary code via a crafted applet, related to an "error checking issue."
Apple Mac Os X Server 10.4.11
Apple Mac Os X 10.5.5
Apple Mac Os X Server 10.5.5
Apple Mac Os X Server 10.5.4
Apple Mac Os X 10.4.11
Apple Mac Os X 10.5.4
5
CVSSv2
CVE-2008-4368
The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 contains a jurisdiction policy that limits Java Cryptography Extension (JCE) key sizes to 128 bits, which makes it easier for malicious users to decrypt ciphertext produced by JCE.
Apple Mac Os X 10.5.4
Apple Mac Os X 10.5.5
4.4
CVSSv2
CVE-2009-0150
Stack-based buffer overflow in Apple Mac OS X 10.5 prior to 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image.
Apple Mac Os X 10.5.3
Apple Mac Os X 10.5.5
Apple Mac Os X Server 10.5.4
Apple Mac Os X Server 10.5.0
Apple Mac Os X 10.5.1
Apple Mac Os X Server 10.5.1
Apple Mac Os X Server 10.5.3
Apple Mac Os X 10.5.6
Apple Mac Os X Server 10.5.2
Apple Mac Os X Server 10.5.6
Apple Mac Os X 10.5.0
Apple Mac Os X Server 10.5.5
Apple Mac Os X 10.5.2
Apple Mac Os X 10.5.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »