Unrated severityNVD Advisory· Published Aug 19, 2005· Updated Apr 16, 2026

CVE-2005-2520

Description

The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords.

Affected products

Apple Inc./Mac Os X3 versions
cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlnvdPatchVendor Advisory
lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlnvdPatchVendor Advisory
securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000