Page 167 of 897 results (0.013 seconds)

CVSS: 9.3EPSS: 4%CPEs: 72EXPL: 0

CVE-2011-0192 – libtiff: buffer overflow in Fax4Decode

https://notcve.org/view.php?id=CVE-2011-0192

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en LibTIFF en ImageIO en iTunes de Apple antesrior a v10.2 en Windows permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (solicitud de bloqueo) a través de una imagen TIFF manipulada con CCITT Grupo 4 de codificación. • http://blackberry.com/btsc/KB27244 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.6EPSS: 0%CPEs: 73EXPL: 0

CVE-2011-0144

https://notcve.org/view.php?id=CVE-2011-0144

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. WebKit, tal como se utiliza en el iTunes de Apple antes de v10.2 para Windows, permite a los atacantes "man-in-the-middle" ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída de la aplicación)a través de vectores relacionados con la navegación de la tienda iTunes, una vulnerabilidad diferente a los CVE listados en APPLE-SA-2011-03-02-1. • http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://support.apple.com/kb/HT4554 http://support.apple.com/kb/HT4564 http://support.apple.com/kb/HT4566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17312 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.6EPSS: 0%CPEs: 73EXPL: 0

CVE-2011-0148

https://notcve.org/view.php?id=CVE-2011-0148

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. WebKit, tal como se utiliza en el iTunes de Apple antes de v10.2 para Windows, permite a los atacantes "man-in-the-middle" ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y bloqueo de la aplicación)a través de vectores relacionados con la navegación de la tienda iTunes, una vulnerabilidad diferente a los CVE listados en APPLE-SA-2011-03-02-1. • http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://support.apple.com/kb/HT4554 http://support.apple.com/kb/HT4564 http://support.apple.com/kb/HT4566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16916 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.6EPSS: 0%CPEs: 73EXPL: 0

CVE-2011-0140

https://notcve.org/view.php?id=CVE-2011-0140

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. WebKit, tal como se utiliza en el iTunes de Apple antes de v10.2 para Windows, permite a los atacantes "man-in-the-middle" ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída de la aplicación)a través de vectores relacionados con la navegación de la tienda iTunes, una vulnerabilidad diferente a los CVE listados en APPLE-SA-2011-03-02-1. • http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://support.apple.com/kb/HT4554 http://support.apple.com/kb/HT4564 http://support.apple.com/kb/HT4566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17378 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.6EPSS: 0%CPEs: 73EXPL: 0

CVE-2011-0130

https://notcve.org/view.php?id=CVE-2011-0130

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. WebKit, tal como se utiliza en el iTunes de Apple antes de v10.2 para Windows, permite a los atacantes "man-in-the-middle" ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída de la aplicación)a través de vectores relacionados con la navegación de la tienda iTunes, una vulnerabilidad diferente a los CVE listados en APPLE-SA-2011-03-02-1. • http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://support.apple.com/kb/HT4554 http://support.apple.com/kb/HT4564 http://support.apple.com/kb/HT4566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16568 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •