CVSS: 7.5EPSS: 2%CPEs: 32EXPL: 0CVE-2006-0384
https://notcve.org/view.php?id=CVE-2006-0384
automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://securitytracker.com/id?1015709 http://www.osvdb.org/23640 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25021 •
CVSS: 5.1EPSS: 97%CPEs: 2EXPL: 5CVE-2006-0848 – Safari Archive Metadata Command Execution
https://notcve.org/view.php?id=CVE-2006-0848
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. • https://www.exploit-db.com/exploits/16866 http://docs.info.apple.com/article.html?artnum=303382 http://secunia.com/advisories/18963 http://securitytracker.com/id?1015652 http://www.frsirt.com/exploits/20060222.safari_safefiles_exec.pm.php http://www.heise.de/english/newsticker/news/69862 http://www.kb.cert.org/vuls/id/999708 http://www.mathematik.uni-ulm.de/numerik/staff/lehn/macosx.html http://www.osvdb.org/23510 http://www.securityfocus.com/bid/16736 http:// • CWE-16: Configuration •
CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 1CVE-2005-3782
https://notcve.org/view.php?id=CVE-2005-3782
Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. • http://www.osvdb.org/20776 •
CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 1CVE-2005-2714
https://notcve.org/view.php?id=CVE-2005-2714
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=400 http://www.osvdb.org/23647 http://www.securityfocus.com/archive/1/426535/100/0/threaded http://www.securityfocus.com/bid/16907 http://www.securityfocus.com/bid/16910 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com& • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.4EPSS: 1%CPEs: 12EXPL: 0CVE-2005-3706
https://notcve.org/view.php?id=CVE-2005-3706
Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.osvdb.org/23644 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25026 •