Mac OS X Vulnerability Scrub Against National Vulnerability Database (nvd.nist.gov)
by Jeff Jones, Security by Numbers
Wed, 2007-04-04 19:42

This page captures the results of taking all vulnerabilities that were fixed by Apple in Mac OS X v10.4 (Tiger) during its first year of release and checking to see if the individual vulnerabilities in National Vulnerability Database (NVD, http://nvd.nist.gov) correctly associate the vulnerability with Apple.

Results:  75.8% correct - 23 out of 95 total vulnerabilities fixed and acknowledged as affecting Mac OS X Tiger during its first year were not listed as affecting any Apple product by the NVD.  Here are the details:

CVE-2004-0079 is associated with Apple in the nvdcve.xml
CVE-2004-0112 is associated with Apple in the nvdcve.xml
CVE-2005-0524 NOT associated with Apple in the nvdcve.xml
CVE-2005-0525 NOT associated with Apple in the nvdcve.xml
CVE-2005-0605 NOT associated with Apple in the nvdcve.xml
CVE-2005-0974 is associated with Apple in the nvdcve.xml
CVE-2005-1042 NOT associated with Apple in the nvdcve.xml
CVE-2005-1043 is associated with Apple in the nvdcve.xml
CVE-2005-1126 NOT associated with Apple in the nvdcve.xml
CVE-2005-1174 NOT associated with Apple in the nvdcve.xml
CVE-2005-1175 NOT associated with Apple in the nvdcve.xml
CVE-2005-1333 is associated with Apple in the nvdcve.xml
CVE-2005-1343 is associated with Apple in the nvdcve.xml
CVE-2005-1406 NOT associated with Apple in the nvdcve.xml
CVE-2005-1472 is associated with Apple in the nvdcve.xml
CVE-2005-1473 is associated with Apple in the nvdcve.xml
CVE-2005-1474 is associated with Apple in the nvdcve.xml
CVE-2005-1689 NOT associated with Apple in the nvdcve.xml
CVE-2005-1720 is associated with Apple in the nvdcve.xml
CVE-2005-1721 is associated with Apple in the nvdcve.xml
CVE-2005-1722 is associated with Apple in the nvdcve.xml
CVE-2005-1723 is associated with Apple in the nvdcve.xml
CVE-2005-1724 is associated with Apple in the nvdcve.xml
CVE-2005-1725 is associated with Apple in the nvdcve.xml
CVE-2005-1726 is associated with Apple in the nvdcve.xml
CVE-2005-1727 is associated with Apple in the nvdcve.xml
CVE-2005-1728 is associated with Apple in the nvdcve.xml
CVE-2005-1849 NOT associated with Apple in the nvdcve.xml
CVE-2005-1992 NOT associated with Apple in the nvdcve.xml
CVE-2005-2096 NOT associated with Apple in the nvdcve.xml
CVE-2005-2194 is associated with Apple in the nvdcve.xml
CVE-2005-2272 is associated with Apple in the nvdcve.xml
CVE-2005-2491 NOT associated with Apple in the nvdcve.xml
CVE-2005-2501 is associated with Apple in the nvdcve.xml
CVE-2005-2502 is associated with Apple in the nvdcve.xml
CVE-2005-2503 is associated with Apple in the nvdcve.xml
CVE-2005-2504 is associated with Apple in the nvdcve.xml
CVE-2005-2506 is associated with Apple in the nvdcve.xml
CVE-2005-2508 is associated with Apple in the nvdcve.xml
CVE-2005-2509 is associated with Apple in the nvdcve.xml
CVE-2005-2511 is associated with Apple in the nvdcve.xml
CVE-2005-2512 is associated with Apple in the nvdcve.xml
CVE-2005-2513 is associated with Apple in the nvdcve.xml
CVE-2005-2515 is associated with Apple in the nvdcve.xml
CVE-2005-2516 is associated with Apple in the nvdcve.xml
CVE-2005-2517 is associated with Apple in the nvdcve.xml
CVE-2005-2520 is associated with Apple in the nvdcve.xml
CVE-2005-2522 is associated with Apple in the nvdcve.xml
CVE-2005-2524 is associated with Apple in the nvdcve.xml
CVE-2005-2525 is associated with Apple in the nvdcve.xml
CVE-2005-2526 is associated with Apple in the nvdcve.xml
CVE-2005-2713 is associated with Apple in the nvdcve.xml
CVE-2005-2714 is associated with Apple in the nvdcve.xml
CVE-2005-2739 is associated with Apple in the nvdcve.xml
CVE-2005-2741 is associated with Apple in the nvdcve.xml
CVE-2005-2742 is associated with Apple in the nvdcve.xml
CVE-2005-2744 is associated with Apple in the nvdcve.xml
CVE-2005-2745 is associated with Apple in the nvdcve.xml
CVE-2005-2746 is associated with Apple in the nvdcve.xml
CVE-2005-2747 is associated with Apple in the nvdcve.xml
CVE-2005-2748 is associated with Apple in the nvdcve.xml
CVE-2005-2749 is associated with Apple in the nvdcve.xml
CVE-2005-2750 is associated with Apple in the nvdcve.xml
CVE-2005-2752 is associated with Apple in the nvdcve.xml
CVE-2005-2757 is associated with Apple in the nvdcve.xml
CVE-2005-3185 NOT associated with Apple in the nvdcve.xml
CVE-2005-3319 NOT associated with Apple in the nvdcve.xml
CVE-2005-3353 NOT associated with Apple in the nvdcve.xml
CVE-2005-3391 NOT associated with Apple in the nvdcve.xml
CVE-2005-3392 NOT associated with Apple in the nvdcve.xml
CVE-2005-3700 is associated with Apple in the nvdcve.xml
CVE-2005-3704 is associated with Apple in the nvdcve.xml
CVE-2005-3705 is associated with Apple in the nvdcve.xml
CVE-2005-3706 is associated with Apple in the nvdcve.xml
CVE-2005-3712 is associated with Apple in the nvdcve.xml
CVE-2005-4504 is associated with Apple in the nvdcve.xml
CVE-2006-0383 is associated with Apple in the nvdcve.xml
CVE-2006-0384 is associated with Apple in the nvdcve.xml
CVE-2006-0386 is associated with Apple in the nvdcve.xml
CVE-2006-0387 is associated with Apple in the nvdcve.xml
CVE-2006-0388 is associated with Apple in the nvdcve.xml
CVE-2006-0389 is associated with Apple in the nvdcve.xml
CVE-2006-0391 is associated with Apple in the nvdcve.xml
CVE-2006-0395 is associated with Apple in the nvdcve.xml
CVE-2006-0396 is associated with Apple in the nvdcve.xml
CVE-2006-0397 is associated with Apple in the nvdcve.xml
CVE-2006-0398 is associated with Apple in the nvdcve.xml
CVE-2006-0399 is associated with Apple in the nvdcve.xml
CVE-2006-0400 is associated with Apple in the nvdcve.xml
CVE-2006-0613 NOT associated with Apple in the nvdcve.xml
CVE-2006-0614 NOT associated with Apple in the nvdcve.xml
CVE-2006-0615 NOT associated with Apple in the nvdcve.xml
CVE-2006-0616 NOT associated with Apple in the nvdcve.xml
CVE-2006-0617 NOT associated with Apple in the nvdcve.xml
CVE-2006-0848 is associated with Apple in the nvdcve.xml

» read more from Jeff Jones | post a comment
Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
* Denotes a required field
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast