CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1338
https://notcve.org/view.php?id=CVE-2005-1338
04 May 2005 — Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2005-1333 – Apple Mac OSX 10.x - BlueTooth Directory Traversal
https://notcve.org/view.php?id=CVE-2005-1333
04 May 2005 — Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. • https://www.exploit-db.com/exploits/25598 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1332
https://notcve.org/view.php?id=CVE-2005-1332
04 May 2005 — Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. • http://docs.info.apple.com/article.html?artnum=301381 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1339
https://notcve.org/view.php?id=CVE-2005-1339
04 May 2005 — lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1336
https://notcve.org/view.php?id=CVE-2005-1336
04 May 2005 — Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1330
https://notcve.org/view.php?id=CVE-2005-1330
04 May 2005 — AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 1CVE-2005-1331
https://notcve.org/view.php?id=CVE-2005-1331
04 May 2005 — The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 9.8EPSS: 22%CPEs: 11EXPL: 1CVE-2005-1342
https://notcve.org/view.php?id=CVE-2005-1342
04 May 2005 — The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1343
https://notcve.org/view.php?id=CVE-2005-1343
03 May 2005 — Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html •
CVSS: 7.1EPSS: 0%CPEs: 56EXPL: 1CVE-2005-1430
https://notcve.org/view.php?id=CVE-2005-1430
03 May 2005 — Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. • http://www.security-focus.com/archive/1/397306 •