CVE-2005-2742

medium

Description

SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting.

References

http://www.ciac.org/ciac/bulletins/p-312.shtml

http://www.auscert.org.au/5509

http://secunia.com/advisories/16920/

http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html

Details

Source: Mitre, NVD

Published: 2005-10-26

Updated: 2008-09-05

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Medium