CVE-2009-0018
The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory.
Date published : 2009-02-12
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html