Page 2 of 7 results (0.003 seconds)

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0

Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Vulnerabilidad en Office Viewer en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos leer archivos arbitrarios a través de un documento XML que contiene una declaración de entidad externa en conjunción con una referencia de entidad, relacionada con un problema de entidad externa XML (XXE). • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00000.html http://www.securityfocus.com/bid/76343 http://www.securitytracker.com/id/1033275 https://support.apple.com/HT205373 https://support.apple.com/kb/HT205030 https://support.apple.com/kb/HT205031 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 4%CPEs: 7EXPL: 0

Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file. Vulnerabilidad de doble liberación en Apple Pages v2.x anterior a v2.1 y v5.x anterior a v5.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través de un fichero de Microsoft Word manipulado. • http://osvdb.org/102460 http://secunia.com/advisories/56615 http://secunia.com/advisories/56630 http://support.apple.com/kb/HT6117 http://support.apple.com/kb/HT6150 http://support.apple.com/kb/HT6162 http://www.securityfocus.com/bid/65113 http://www.securitytracker.com/id/1029683 https://exchange.xforce.ibmcloud.com/vulnerabilities/90672 • CWE-415: Double Free •