CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1339
https://notcve.org/view.php?id=CVE-2005-1339
04 May 2005 — lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0594
https://notcve.org/view.php?id=CVE-2005-0594
04 May 2005 — Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1330
https://notcve.org/view.php?id=CVE-2005-1330
04 May 2005 — AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 1CVE-2005-1331
https://notcve.org/view.php?id=CVE-2005-1331
04 May 2005 — The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1343
https://notcve.org/view.php?id=CVE-2005-1343
03 May 2005 — Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html •
CVSS: 7.1EPSS: 0%CPEs: 56EXPL: 1CVE-2005-1430
https://notcve.org/view.php?id=CVE-2005-1430
03 May 2005 — Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. • http://www.security-focus.com/archive/1/397306 •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 2CVE-2005-0975
https://notcve.org/view.php?id=CVE-2005-0975
22 Apr 2005 — Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header. • http://felinemenace.org/advisories/macosx.txt •
CVSS: 7.5EPSS: 1%CPEs: 71EXPL: 0CVE-2005-1043
https://notcve.org/view.php?id=CVE-2005-1043
12 Apr 2005 — exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. • http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 1CVE-2005-0713 – Apple Mac OSX 10.3.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-0713
21 Mar 2005 — The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. • https://www.exploit-db.com/exploits/25256 •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2005-0715
https://notcve.org/view.php?id=CVE-2005-0715
21 Mar 2005 — AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. • http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html •