Apple: >> Mac Os X Server >> 10.3.9 Security Vulnerabilities
Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information.
CVSS Score
5.0
EPSS Score
0.007
Published
2005-10-26
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-10-26
Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file.
CVSS Score
5.1
EPSS Score
0.048
Published
2005-10-25
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-10-25
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.
CVSS Score
7.6
EPSS Score
0.013
Published
2005-08-19
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
CVSS Score
5.1
EPSS Score
0.01
Published
2005-08-19
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-08-19
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.
CVSS Score
5.0
EPSS Score
0.005
Published
2005-08-19
Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
CVSS Score
7.5
EPSS Score
0.031
Published
2005-08-19
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and earlier, when Fast User Switching is enabled, allows attackers to log into other accounts if they know the passwords to at least two accounts.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-08-19