CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2004-0516
https://notcve.org/view.php?id=CVE-2004-0516
03 Jun 2004 — Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. Vulnerabilidad desconocida en Mac OS X 10.3.4, relacionada con "scripts de instalación de paquetes", una vulnerabilidad distinta de CAN-2004-0517. • http://lists.seifried.org/pipermail/security/2004-May/003743.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2004-0489
https://notcve.org/view.php?id=CVE-2004-0489
28 May 2004 — Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option. Vulnerabilidad de inyección de argumentos en el manejador de URI SSH de Safari sobre Mac OS 10.3.3 y anteriores permite a atacantes remotos (1) ejecutar código de su elección mediante la opción ProxyCommand o (2) hacer reenvío de puertos mediante la opción -R. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021871.html • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 9.8EPSS: 31%CPEs: 8EXPL: 2CVE-2004-0486 – Apple Mac OSX 10.3.x - Help Protocol Remote Code Execution
https://notcve.org/view.php?id=CVE-2004-0486
28 May 2004 — HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. HelpViewer en Mac OS X 10.3.3 y 10.2.8 procesa scripts que no inició, lo que puede permitir a atacantes ejecuatar código de su elección, un problema que fue reportado originalmente como una vulnerabilidad de atravesam... • https://www.exploit-db.com/exploits/24121 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0485
https://notcve.org/view.php?id=CVE-2004-0485
28 May 2004 — The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume. El ayudante de protocolo para URI "disk:" en Mac OX X 10.3.3 y 10.2.8 permite a atacantes remotos escribir ficheros arbitrarios haciendo que un fichero de imagen de disco (.dmg) sea montado como un volumen de disco. • http://fundisom.com/owned/warning •
CVSS: 9.8EPSS: 43%CPEs: 2EXPL: 3CVE-2004-0430 – AppleFileServer (OSX) - LoginExt PathName Overflow
https://notcve.org/view.php?id=CVE-2004-0430
06 May 2004 — Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. Desbordamiento de búfer basado en la pila en AppleFileServer de MAC OS X 10.3.3 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante un paquete LoginExt para un... • https://www.exploit-db.com/exploits/16863 •
CVSS: 9.8EPSS: 0%CPEs: 26EXPL: 0CVE-2004-0428
https://notcve.org/view.php?id=CVE-2004-0428
03 May 2004 — Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. • http://lists.virus.org/macsec-0405/msg00000.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0382
https://notcve.org/view.php?id=CVE-2004-0382
07 Apr 2004 — Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting. Vulnerabiliad desconocida en el sistema de impresión CUPS en Mac OS X 10.3.3 y Mac OS X 10.2.8, con impacto desconocido, posiblemente relacionado con una entrada en un fichero de configuración. • http://docs.info.apple.com/article.html?artnum=61798 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0383
https://notcve.org/view.php?id=CVE-2004-0383
07 Apr 2004 — Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email." Vulnerabilidad desconocida en Mail de Mac OS X 10.3.3 y 10.2.8, con impacto desconocido, relacionado con el "manejo de correo electrónico en formato HTML" • http://docs.info.apple.com/article.html?artnum=61798 •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •