CVSS: 5.0EPSS: 0%CPEs: 35EXPL: 0CVE-2004-1084
https://notcve.org/view.php?id=CVE-2004-1084
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18349 •
CVSS: 2.1EPSS: 0%CPEs: 35EXPL: 0CVE-2004-1081
https://notcve.org/view.php?id=CVE-2004-1081
The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18350 •
CVSS: 2.1EPSS: 0%CPEs: 35EXPL: 0CVE-2004-1087
https://notcve.org/view.php?id=CVE-2004-1087
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. • http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html http://secunia.com/advisories/13362 http://www.ciac.org/ciac/bulletins/p-049.shtml http://www.securityfocus.com/bid/11802 https://exchange.xforce.ibmcloud.com/vulnerabilities/18355 •
CVSS: 5.0EPSS: 0%CPEs: 51EXPL: 0CVE-2004-0927
https://notcve.org/view.php?id=CVE-2004-0927
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •
CVSS: 5.0EPSS: 0%CPEs: 51EXPL: 0CVE-2004-0924
https://notcve.org/view.php?id=CVE-2004-0924
NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •