CVSS: 8.8EPSS: 96%CPEs: 2EXPL: 4CVE-2006-0848 – Apple Safari - Archive Metadata Command Execution
https://notcve.org/view.php?id=CVE-2006-0848
22 Feb 2006 — The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. • https://www.exploit-db.com/exploits/16866 • CWE-16: Configuration •
CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 1CVE-2005-3782
https://notcve.org/view.php?id=CVE-2005-3782
31 Dec 2005 — Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. • http://www.osvdb.org/20776 •
CVSS: 7.1EPSS: 0%CPEs: 32EXPL: 2CVE-2005-2713 – Apple Mac OSX - '/usr/bin/passwd' Custom Passwd Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-2713
31 Dec 2005 — passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. • https://www.exploit-db.com/exploits/1545 •
CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 1CVE-2005-2714
https://notcve.org/view.php?id=CVE-2005-2714
31 Dec 2005 — passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. • http://docs.info.apple.com/article.html?artnum=303382 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2005-3706
https://notcve.org/view.php?id=CVE-2005-3706
31 Dec 2005 — Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. • http://docs.info.apple.com/article.html?artnum=303382 •
CVSS: 8.8EPSS: 2%CPEs: 12EXPL: 0CVE-2005-3712
https://notcve.org/view.php?id=CVE-2005-3712
31 Dec 2005 — Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. • http://docs.info.apple.com/article.html?artnum=303382 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 37%CPEs: 75EXPL: 3CVE-2005-4504 – Apple Mac OSX - KHTMLParser Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-4504
22 Dec 2005 — The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWSPAN attribute in a TD tag. • https://www.exploit-db.com/exploits/26971 •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2005-4217
https://notcve.org/view.php?id=CVE-2005-4217
14 Dec 2005 — Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges. Perl en Apple Mac OS X Server 10.3.9 no se quita apropiadamente privilegios cuando se usa la variable "$<" para establecer uid, lo que permite a atacantes ganar privilegios. • http://docs.info.apple.com/article.html?artnum=303382 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3702
https://notcve.org/view.php?id=CVE-2005-3702
01 Dec 2005 — Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. • http://docs.info.apple.com/article.html?artnum=302847 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2005-3704
https://notcve.org/view.php?id=CVE-2005-3704
01 Dec 2005 — System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). • http://docs.info.apple.com/article.html?artnum=302847 •