NotCVE - vendor:"Apple" product:"Mac Os X" version:"10.5.1"

Page 105 of 2167 results (0.018 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4739

https://notcve.org/view.php?id=CVE-2016-4739

25 Sep 2016 — mDNSResponder in Apple OS X before 10.12, when VMnet.framework is used, arranges for a DNS proxy to listen on all interfaces, which allows remote attackers to obtain sensitive information by sending a DNS query to an unintended interface. mDNSResponder en Apple OS X en versiones anteriores a 10.12, cuando se usa VMnet.framework, ordena que un proxy DNS sea escuchado en todas las interfaces, lo que permite a atacantes remotos obtener información sensible enviando una consulta DNS a una interfaz involuntaria. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4703

https://notcve.org/view.php?id=CVE-2016-4703

25 Sep 2016 — Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Bluetooth en Apple OS X en versiones anteriores a 10.12 permite a atacantes ejecutar un código arbitrario en un contexto privilegiado o provocar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4701

https://notcve.org/view.php?id=CVE-2016-4701

25 Sep 2016 — Application Firewall in Apple OS X before 10.12 allows local users to cause a denial of service via vectors involving a crafted SO_EXECPATH environment variable. Application Firewall en Apple OS X en versiones anteriores a 10.12 permite a usuarios locales provocar una denegación de servicio a través de vectores relacionados con un entorno variable SO_EXECPATH manipulado. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4752

https://notcve.org/view.php?id=CVE-2016-4752

25 Sep 2016 — The SecKeyDeriveFromPassword function in Apple OS X before 10.12 does not use the CF_RETURNS_RETAINED keyword, which allows attackers to obtain sensitive information from process memory by triggering key derivation. La función SecKeyDeriveFromPassword en Apple OS X en versiones anteriores a 10.12 no utiliza la palabra clave CF_RETURNS_RETAINED, lo que permite a atacantes obtener información sensible desde el proceso de memoria desencadenando la obtención de clave. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4709 – Apple OS X WindowServer _XSetPerUserConfigurationData Type Confusion Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2016-4709

25 Sep 2016 — WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4710. WindowServer en Apple OS X en versiones anteriores a 10.12 permite a usuarios locales obtener acceso de root a través de vectores que desencadenan una "confusión de tipo", una vulnerabilidad diferente a CVE-2016-4710. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker ... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4710 – Apple OS X WindowServer _XSetPreferencesForWorkspaces Type Confusion Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2016-4710

25 Sep 2016 — WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage "type confusion," a different vulnerability than CVE-2016-4709. WindowServer en Apple OS X en versiones anteriores a 10.12 permite a usuarios locales obtener acceso de root a través de vectores que desencadenan una "confusión de tipo", una vulnerabilidad diferente a CVE-2016-4709. This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker ... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4717

https://notcve.org/view.php?id=CVE-2016-4717

25 Sep 2016 — The File Bookmark component in Apple OS X before 10.12 mishandles scoped-bookmark file descriptors, which allows attackers to cause a denial of service via a crafted app. El componente File Bookmark en Apple SO X en versiones anteriores a 10.12 no maneja correctamente descriptores de archivos de marcadores de ámbito, lo que permite a atacantes provocar una denegación de servicio a través de una aplicación manipulada. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4748

https://notcve.org/view.php?id=CVE-2016-4748

25 Sep 2016 — Perl in Apple OS X before 10.12 allows local users to bypass the taint-mode protection mechanism via a crafted environment variable. Perl en Apple OS X en versiones anteriores a 10.12 permite a usuarios locales eludir el mecanismo de protección a través de un entorno variable manipulado. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-254: 7PK - Security Features •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4723

https://notcve.org/view.php?id=CVE-2016-4723

25 Sep 2016 — Intel Graphics Driver in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Intel Graphics Driver en Apple OS X en versiones anteriores a 10.12 permite a atacantes ejecutar un código arbitrario en un contexto privilegiado o provocar una denegación de servicio (corrupción de memoria) a través de una app manipulada. • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

CVE-2016-4736 – Apple Security Advisory 2017-10-31-2

https://notcve.org/view.php?id=CVE-2016-4736

25 Sep 2016 — libarchive in Apple OS X before 10.12 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted file. libarchive en Apple OS X en versiones anteriores a 10.12 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o tener otros posibles impactos no especificados a través de un archivo manipulado. macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan are now availa... • http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...103 104 105 106 107