CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2005-0126
https://notcve.org/view.php?id=CVE-2005-0126
29 Jan 2005 — ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. • http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0127
https://notcve.org/view.php?id=CVE-2005-0127
29 Jan 2005 — Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. • http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html •
CVSS: 8.8EPSS: 5%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
21 Dec 2004 — Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 9.8EPSS: 4%CPEs: 86EXPL: 0CVE-2005-0373
https://notcve.org/view.php?id=CVE-2005-0373
07 Oct 2004 — Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. • http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml •
CVSS: 9.8EPSS: 10%CPEs: 3EXPL: 0CVE-2002-1347
https://notcve.org/view.php?id=CVE-2002-1347
11 Dec 2002 — Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. Desbordamiento de búfer en la librería Cyrus SASL 2.1.9 y anteriores permite a atacantes remoto... • http://archives.neohapsis.com/archives/linux/suse/2002-q4/1275.html • CWE-131: Incorrect Calculation of Buffer Size •