CVE-2005-2520

Published: Aug 19, 2005Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.

Affected (3)

Products: Apple: Mac Os X

Apple

1 product

Mac Os X

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Version 10.4.1
Apple Mac Os X	Version 10.4.2
Apple Mac Os X	Version 10.4

References (6)

http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

Source: cve@mitre.org

PatchVendor Advisory

http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1014707

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://securitytracker.com/id?1014707

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.