Lucene search

[email protected]CVE-2005-2742

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-2742

2022-10-0316:22:49

[email protected]

web.nvd.nist.gov

securityagent

apple

mac os x

10.4.2

cve-2005-2742

physical access

security bypass

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

32.3%

JSON

SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the “Switch User…” button to appear even though the “Enable fast user switching” setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the “Require password to wake this computer from sleep or screen saver” setting.

Affected configurations

NVD

Node

applemac_os_xMatch10.4.2

applemac_os_x_serverMatch10.4.2

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq10.4.2
apple:mac_os_x_serverapple mac os x servereq10.4.2

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	10.4.2
apple:mac_os_x_server	apple mac os x server	eq	10.4.2

References

lists.apple.com/archives/security-announce/2005/Sep/msg00002.html

secunia.com/advisories/16920/

www.auscert.org.au/5509

www.ciac.org/ciac/bulletins/p-312.shtml

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

32.3%

JSON

Related for CVE-2005-2742

cvelist1 nvd1 nessus1