NotCVE - vendor:"Apple" product:"Mac Os X" version:" >= 10.0.0 <= 10.5.4"

Page 198 of 2650 results (0.008 seconds)

CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0

CVE-2010-1396 – Apple Webkit Option Element ContentEditable Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-1396

08 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and removing container elements. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes r... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •

CVSS: 8.8EPSS: 2%CPEs: 13EXPL: 0

CVE-2010-0538

https://notcve.org/view.php?id=CVE-2010-0538

21 May 2010 — Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 do not properly handle mediaLibImage objects, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted applet, related to the com.sun.medialib.mlib package. Apple Java para Mac OS X 10.5 en versiones anteriores al Update 7 y Java para Mac OS X 10.6 en versiones anteriores al Update 2 no utilizan apropiadamente los objetos mediaL... • http://lists.apple.com/archives/security-announce/2010//May/msg00001.html • CWE-399: Resource Management Errors •

CVSS: 9.8EPSS: 2%CPEs: 13EXPL: 0

CVE-2010-0539

https://notcve.org/view.php?id=CVE-2010-0539

21 May 2010 — Integer signedness error in the window drawing implementation in Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted applet. Error de presencia de signo en entero en la implementación de la visualización de la ventana en Apple Java para Mac OS X 10.5 en versiones anteriores al Update 7 y Java para Mac OS X 10.6 en versiones anteriores al Update 2. Permite a ata... • http://lists.apple.com/archives/security-announce/2010//May/msg00001.html • CWE-189: Numeric Errors •

CVSS: 6.5EPSS: 0%CPEs: 43EXPL: 0

CVE-2010-0531

https://notcve.org/view.php?id=CVE-2010-0531

31 Mar 2010 — Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. Apple iTunes en versiones anteriores a la 9.1 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un fichero de podcast MP4 manipulado. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html • CWE-399: Resource Management Errors •

CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0

CVE-2010-0063

https://notcve.org/view.php?id=CVE-2010-0063

30 Mar 2010 — Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, as demonstrated by the values for the (1) .ibplugin and (2) .url extensions. Vulnerabilidad de lista negra incompleta en CoreTypes en Apple Mac OS X anterior v10.6.3 hace que sea fácil para atacantes asistidos por us... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

CVE-2010-0500

https://notcve.org/view.php?id=CVE-2010-0500

30 Mar 2010 — Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue." El Monitor de Eventos (Event Monitor) de Apple Mac OS X en versiones anteriores a la v10.6.3 no valida apropiadamente los nombres de equipo (hostnames) de los clientes SSH, lo que permite a atacantes remotos provocar una denegación de servicio (añadido a... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

CVE-2010-0513

https://notcve.org/view.php?id=CVE-2010-0513

30 Mar 2010 — Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PostScript document. Desbordamiento de búfer basado en pila PS Normalizer en Apple Mac OS X anterior v10.6.3 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de programa) a través de un documento PostScript manipulado. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

CVE-2010-0507

https://notcve.org/view.php?id=CVE-2010-0507

30 Mar 2010 — Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PEF image. Desbordamiento de búfer en Image RAW en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (cuelgue de aplicación) a través de una imagen PEF manipulada. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 4%CPEs: 26EXPL: 0

CVE-2010-0497 – Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-0497

30 Mar 2010 — Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file type in an internet enabled disk image, which makes it easier for user-assisted remote attackers to execute arbitrary code via a package file type. Disk Images en Apple Mac OS X anteriores a v10.6.3 no proporciona la advertencia esperada de tipo de fichero inseguro en una imagen de disco habilitada para internet, lo cual facilita a atacantes remotos asistidos por usuarios ejecutar código a su elección a trav... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html •

CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0

CVE-2010-0065

https://notcve.org/view.php?id=CVE-2010-0065

30 Mar 2010 — Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image with bzip2 compression. Disk Images de Apple Mac OS X anterior a v10.6.3 permite a atacantes remotos asistidos por el usuario ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) mediante una imagen de disco manipulada con compresión bzip2. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...196 197 198 199 200