Apple: >> Mac Os X >> 10.4.1 Security Vulnerabilities
SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-06-13
Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933.
CVSS Score
7.5
EPSS Score
0.012
Published
2005-06-13
MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-06-08
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVSS Score
5.0
EPSS Score
0.098
Published
2005-05-19
Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories.
CVSS Score
2.1
EPSS Score
0.0
Published
2005-05-19
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVSS Score
5.0
EPSS Score
0.011
Published
2005-04-14
Page 313