CVE-2004-0622 | Vulnerability Database | Aqua Security

Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x	Apple	10.3.4 (including)	10.3.4 (including)
Mac_os_x	Apple	10.4 (including)	10.4 (including)
Mac_os_x	Apple	10.5 (including)	10.5 (including)

References

http://citp.princeton.edu/pub/coldboot.pdf
http://marc.info/?l=bugtraq\u0026m=108819559925981\u0026w=2
http://www.securityfocus.com/archive/1/488930/100/100/threaded
http://www.securityfocus.com/archive/1/488948/100/100/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/16557
http://citp.princeton.edu/pub/coldboot.pdf
http://marc.info/?l=bugtraq\u0026m=108819559925981\u0026w=2
http://www.securityfocus.com/archive/1/488930/100/100/threaded
http://www.securityfocus.com/archive/1/488948/100/100/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/16557

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0622
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html