Page 130 of 777 results (0.010 seconds)

CVSS: 6.5EPSS: 3%CPEs: 12EXPL: 0

Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.osvdb.org/23648 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25029 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 2

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. • https://www.exploit-db.com/exploits/1545 http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=400 http://www.osvdb.org/23646 http://www.securityfocus.com/archive/1/426535/100/0/threaded http://www.securityfocus.com/bid/16907 http://www.securityfocus.com/bid/16910 http://www.us-cert.gov/cas/techa •

CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 1

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to overwrite arbitrary files via a symlink attack on the .pwtmp.[PID] temporary file. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=400 http://www.osvdb.org/23647 http://www.securityfocus.com/archive/1/426535/100/0/threaded http://www.securityfocus.com/bid/16907 http://www.securityfocus.com/bid/16910 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com& • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 1

Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. • http://www.osvdb.org/20776 •

CVSS: 6.4EPSS: 1%CPEs: 12EXPL: 0

Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.osvdb.org/23644 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25026 •