CVE-2005-1933
https://notcve.org/view.php?id=CVE-2005-1933
Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. • http://www.kb.cert.org/vuls/id/983429 http://www1.cs.columbia.edu/~aaron/files/widgets •
CVE-2005-1728
https://notcve.org/view.php?id=CVE-2005-1728
MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html http://securitytracker.com/id?1014148 •
CVE-2005-1472
https://notcve.org/view.php?id=CVE-2005-1472
Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories. • http://lists.apple.com/archives/security-announce/2005/May/msg00004.html •
CVE-2005-1260
https://notcve.org/view.php?id=CVE-2005-1260
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). • ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/15447 http://secunia.com/advisories/19183 http://secunia.com/advisories/27274 http://secunia.com/advisories/27643 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103118-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200191-1 http • CWE-400: Uncontrolled Resource Consumption •
CVE-2005-1307 – Apple Mac OSX Adobe Version Cue - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-1307
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. • https://www.exploit-db.com/exploits/680 http://archives.neohapsis.com/archives/bugtraq/2004-12/0040.html http://marc.info/?l=bugtraq&m=111627622403544&w=2 http://secunia.com/advisories/13399 http://securitytracker.com/id?1012446 http://www.adobe.com/support/techdocs/331621.html http://www.osvdb.org/12297 http://www.osvdb.org/12298 http://www.securiteam.com/exploits/5EP0D20FQC.html http://www.securityfocus.com/bid/11833 https://exchange.xforce.ibmcloud.com/vulnerabilities •