CVSS: 6.4EPSS: 4%CPEs: 5EXPL: 0CVE-2007-1661
https://notcve.org/view.php?id=CVE-2007-1661
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns. La librería Perl-Compatible Regular Expression (PCRE) anterior a 7.3 vuelve demasiado atrás cuando compara determinados bytes de entrada con algunos patrones de expresiones regulares en modo no-UTF-8, lo cual permite a atacantes locales o remotos (dependiendo del contexto) obtener información sensible o provocar una denegación de servicio (caída), como se ha demostrado mediante los patrones "\X?\d" y "\P{L}? • http://bugs.gentoo.org/show_bug.cgi?id=198976 http://docs.info.apple.com/article.html?artnum=307179 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html http://secunia.com/advisories/27538 http://secunia.com/advisories/27543 http://secunia.com/advisories/27554 h •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2007-2403
https://notcve.org/view.php?id=CVE-2007-2403
CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. CFNetwork en Apple Mac OS X 10.3.9 y 10.4.10 no valida adecuadamente URIs ftp:, lo cual permite a atacantes remotos provocar la transmisión de comandos FTP de su elección mediante servidores FTP de su elección. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://securitytracker.com/id?1018491 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35721 •
CVSS: 6.8EPSS: 4%CPEs: 3EXPL: 0CVE-2007-2406
https://notcve.org/view.php?id=CVE-2007-2406
Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. Quartz Composer en Apple Mac OS X 10.4.10 no inicializa cierto punto a objeto, lo cual podría permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un fichero Quartz Composer manipulado artesanalmente. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35737 •
CVSS: 6.8EPSS: 3%CPEs: 5EXPL: 0CVE-2007-3745
https://notcve.org/view.php?id=CVE-2007-3745
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code. La interfaz Java para CoreAudio en Apple Mac OS X 10.3.9 y 10.4.10 contiene una interfaz no segura que es expuesta por JDirect, lo cual permite a atacantes remotos liberar memoria de su elección y por tanto ejecutar código arbitrario. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://securitytracker.com/id?1018492 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35725 •
CVSS: 4.0EPSS: 1%CPEs: 5EXPL: 0CVE-2007-2407
https://notcve.org/view.php?id=CVE-2007-2407
The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. El servidor Samba en Apple Mac OS X 10.3.9 y 10.4.10, cuando la compartición de archivos Windows está habilitada, no impone quotas de disco tras borrar privilegios, lo cual permite a usuarios remotos autenticados utilizar espacio de disco que excede la quota. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35738 •