CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2008-1517
https://notcve.org/view.php?id=CVE-2008-1517
13 May 2009 — Array index error in the xnu (Mach) kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (system shutdown) via unspecified vectors related to workqueues. El núcleo en Apple Mac OS X v10.5 antes de v10.5.7 no verifica los índices correctamente durante la tramitación de colas de trabajo (workqueues), lo cual permite a usuarios locales obtener privilegios o provocar una denegación de servicio (apagado del sistema) a través de vectores no especificados. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=797 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 2%CPEs: 16EXPL: 0CVE-2009-0156
https://notcve.org/view.php?id=CVE-2009-0156
13 May 2009 — Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service (persistent Finder crash) via a crafted Mach-O executable that triggers an out-of-bounds memory read. Launch Services en Apple Mac OS X v10.4.11 y v10.5 antes de v10.5.7 permite a atacantes remotos provocar una denegación de servicio (cuelgue persistente de Finder) a través de un ejecutable elaborado "Mach-O" que desencadena una lectura fuera de los límites de memoria. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 3%CPEs: 16EXPL: 0CVE-2009-0943
https://notcve.org/view.php?id=CVE-2009-0943
13 May 2009 — Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files. Help Viewer de Apple Mac OS X v10.4.11 y v10.5 anteriores a v10.5.7 no verifica que las rutas HTML esten localizadas en un libro de ayuda registrado, lo cual permite a atacantes remotos ejecutar código arbitrario a través de una URL help: la que desencadena... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 91%CPEs: 17EXPL: 0CVE-2009-0010 – Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-0010
13 May 2009 — Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a crafted 0x77 Poly tag and a crafted length field, which triggers a heap-based buffer overflow. Desbordamiento inferior de entero en QuickDraw Manager en Apple Mac OS X v10.4.11 y v10.5 antes de v10.5.7 permite a atacantes remotos ejecutar código arbitrario o causar ... • http://lists.apple.com/archives/security-announce/2009/Jun/msg00000.html • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 43%CPEs: 16EXPL: 0CVE-2009-0154 – Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-0154
13 May 2009 — Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font. Desbordamiento de búfer basado en pila en Apple Type Services (ATS) en Apple Mac OS X v10.4.11 y v10.5 antes de v10.5.7 permite a atacantes remotos ejecutar código arbitrario a través de una fuente Compact Font Format (CFF) elaborada. This vulnerability allows remote attackers to execute arbitrary code on vuln... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 8%CPEs: 72EXPL: 0CVE-2009-0945 – Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-0945
13 May 2009 — Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SV... • http://code.google.com/p/chromium/issues/detail?id=9019 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 25%CPEs: 21EXPL: 0CVE-2009-0946 – freetype: multiple integer overflows
https://notcve.org/view.php?id=CVE-2009-0946
17 Apr 2009 — Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. Múltiples desbordamientos de entero en FreeType v2.3.9 y anteriores permiten a atacantes remotos ejecutar código de su elección mediante vectores relacionados con valores grandes en ciertas entradas en (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, y (3) cff/cffload.c. This GLSA contains ... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 88%CPEs: 18EXPL: 0CVE-2009-0846 – krb5: ASN.1 decoder can free uninitialized pointer when decoding an invalid encoding (MITKRB5-SA-2009-002)
https://notcve.org/view.php?id=CVE-2009-0846
09 Apr 2009 — The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer. La función asn1_decode_generaltime en lib/krb5/asn.1/asn1_decode.c en el decodificador ASN.1 GeneralizedTime en MIT Kerberos 5 (también conocido como Krb5) anteriore... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-416: Use After Free CWE-824: Access of Uninitialized Pointer •
CVSS: 10.0EPSS: 5%CPEs: 114EXPL: 3CVE-2009-1236 – Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-1236
02 Apr 2009 — Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member. Desbordamiento de búfer basado en pila en AppleTalk networking stack en XNU v1228.3.13 y anteriores en Apple Mac OS X v10.5.6 permite a atacantes remotos producir una denegación de servicio (caída del sistema) a través de u... • https://www.exploit-db.com/exploits/8262 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 114EXPL: 4CVE-2009-1235 – Apple Mac OSX xnu 1228.x - 'hfs-fcntl' Kernel Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1235
02 Apr 2009 — XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls. XNU v1228.9.59 y anteriores en Apple Mac OS X v10.5.6 no aplica las restricciones adecuadas entre el espacio del usuario y el manejador HFS IOCTL, lo que permite a usuarios locales sobrescri... • https://www.exploit-db.com/exploits/8266 • CWE-264: Permissions, Privileges, and Access Controls •