Apple: >> Mac Os X Server Security Vulnerabilities
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods.
CVSS Score
2.6
EPSS Score
0.006
Published
2008-03-18
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials.
CVSS Score
1.7
EPSS Score
0.001
Published
2008-03-18
Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4.11 and 10.5.2 allows local users to bypass authorization and execute arbitrary code via crafted distributed objects.
CVSS Score
6.9
EPSS Score
0.001
Published
2008-03-18
Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference.
CVSS Score
7.1
EPSS Score
0.009
Published
2008-03-18
Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments.
CVSS Score
8.5
EPSS Score
0.027
Published
2008-03-18
Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL.
CVSS Score
5.8
EPSS Score
0.072
Published
2008-03-18
Unspecified vulnerability in AFP Server in Apple Mac OS X 10.4.11 allows remote attackers to bypass cross-realm authentication via unknown manipulations of Kerberos principal realm names.
CVSS Score
7.1
EPSS Score
0.012
Published
2008-03-18
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions.
CVSS Score
5.0
EPSS Score
0.006
Published
2008-03-18
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API.
CVSS Score
6.8
EPSS Score
0.022
Published
2008-03-18
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications.
CVSS Score
1.9
EPSS Score
0.002
Published
2008-03-18