CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0CVE-2011-0210
https://notcve.org/view.php?id=CVE-2011-0210
24 Jun 2011 — QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file. QuickTime para Apple Mac OS X antes de v10.6.8 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria y caída de aplicación) a través de tablas de ejemplo hechas a mano en un archivo de película. • http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-0196
https://notcve.org/view.php?id=CVE-2011-0196
24 Jun 2011 — AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network. AirPort para Apple Mac OS X antes de v10.5.8 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites leer y posterior reinicio) a través de marcos (frames) Wi-Fi en la red inalámbrica local. • http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 3%CPEs: 20EXPL: 0CVE-2011-0204
https://notcve.org/view.php?id=CVE-2011-0204
24 Jun 2011 — Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image. Una vulnerabilidad de desbordamiento de búfer de memoria dinámica en ImageIO en Apple Mac OS X antes de v10.6.8 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de una imagen TIFF modificada a mano. • http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 8%CPEs: 18EXPL: 0CVE-2011-0209 – Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0209
24 Jun 2011 — Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file. Desbordamiento de entero en QuickTime para Apple Mac OS X antes de v10.6.8 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por caída de aplicación) a través de un archivo WAV RIFF hecho a mano. This vulnerability allows remote attackers to execute arbitrary code on vulnerab... • http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2011-0199
https://notcve.org/view.php?id=CVE-2011-0199
24 Jun 2011 — The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate. El componente de Política de Certificados de Confianza en Apple Mac OS X antes de v10.6.8 no realiza la comprobación de CRL para los certificados de Validación Extendida (EV) que carecen de direcciones URL OCSP, lo que podría permitir falsificar un ser... • http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 5%CPEs: 8EXPL: 0CVE-2011-1755 – jabberd: DoS via the XML "billion laughs attack"
https://notcve.org/view.php?id=CVE-2011-1755
21 Jun 2011 — jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. jabberd2 antes de v2.2.14 no detecta correctamente la recursividad durante la expansión de la entidad, lo que permite a atacantes remotos provocar una denegación de servicio ( consumo de memoria y CPU ) a través de un documen... • http://codex.xiaoka.com/svn/jabberd2/tags/jabberd-2.2.14/ChangeLog • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2011-1783 – (mod_dav_svn): DoS (excessive memory use) when configured to provide path-based access control
https://notcve.org/view.php?id=CVE-2011-1783
06 Jun 2011 — The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data. El módulo mod_dav_svn para Apache HTTP Server, como se distribuye en Apache Subersion v1.5.x y v1.6.x antes de 1.6.17, cuando la opción SVNPathAuthz short_circuit está habilitada permite a atacant... • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2011-1752 – (mod_dav_svn): DoS (crash) via request to deliver baselined WebDAV resources
https://notcve.org/view.php?id=CVE-2011-1752
06 Jun 2011 — The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011. Módulo mod_dav_svn para Apache HTTP Server, como se distribuye en Apache Subversion antes de v1.6.17, permite a atacantes remotos provocar una denegación de servicio ( desreferenciar punteros Nulos y caída del demonio ) a través... • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 96%CPEs: 13EXPL: 3CVE-2011-0419 – Apache 1.4/2.2.x - APR 'apr_fnmatch()' Denial of Service
https://notcve.org/view.php?id=CVE-2011-0419
16 May 2011 — Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. Vulnerabilidad de agotamie... • https://www.exploit-db.com/exploits/35738 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.3EPSS: 11%CPEs: 79EXPL: 0CVE-2011-0234 – Webkit Detached Body Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0234
19 Apr 2011 — WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. WebKit, empleado en Safari anterior a v5.0.6, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria o caída de aplicación) a través de un sitio web manipulado. Vulnerabilida... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •