Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service.
https://exchange.xforce.ibmcloud.com/vulnerabilities/26634
http://www.vupen.com/english/advisories/2006/1950
http://www.securityfocus.com/bid/18091
http://securitytracker.com/id?1016143
http://secunia.com/advisories/20267
http://lists.apple.com/archives/security-announce/2006/May/msg00004.html