CVSS: 10.0EPSS: 9%CPEs: 4EXPL: 0CVE-2006-3498
https://notcve.org/view.php?id=CVE-2006-3498
02 Aug 2006 — Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request. Desbordamiento de búfer basado en pila en bootpd en el componente DHCP para Apple Mac OS X 10.3.9 y 10.4.7 permite a atacantes remotos ejecutar código de su elección a través de respuestas BOOTP manipuladas. • http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html •
CVSS: 8.8EPSS: 23%CPEs: 10EXPL: 3CVE-2006-3946
https://notcve.org/view.php?id=CVE-2006-3946
31 Jul 2006 — WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag. WebCore en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.7 permite a atacantes remotos provocar una ... • http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3356
https://notcve.org/view.php?id=CVE-2006-3356
06 Jul 2006 — The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469. La función TIFFFetchAnyArray en ImageIO de Apple OS X 10.4.7 y versiones anteriores permiten al atacantes con la intervención del usuario causar una denegación de servicios (caída de la aplicación)a través de un valo... • http://www.security-protocols.com/sp-x31-advisory.php •
CVSS: 7.8EPSS: 4%CPEs: 14EXPL: 0CVE-2006-1469
https://notcve.org/view.php?id=CVE-2006-1469
27 Jun 2006 — Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. Desbordamiento de búfer basado en pila en ImageIO de Apple Mac OS X v10.4 hasta la v10.4.6 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a través de una imagen TIFF modificada. • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 16%CPEs: 14EXPL: 3CVE-2006-1470 – Apple Mac OSX 10.4.x - OpenLDAP Denial of Service
https://notcve.org/view.php?id=CVE-2006-1470
27 Jun 2006 — OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. OpenLDAP en Apple Mac OS X v10.4 up a v10.4.6 permite a atacantes remotos causar una denegación de servicio (caída) a través de una petición LDAP no válida que lanza un error assert. • https://www.exploit-db.com/exploits/28135 • CWE-399: Resource Management Errors •
CVSS: 7.3EPSS: 1%CPEs: 14EXPL: 0CVE-2006-1471
https://notcve.org/view.php?id=CVE-2006-1471
27 Jun 2006 — Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file. Vulnerabilidad de formato de cadena en la función CF_syslog launchd en Apple Mac OS X v10.4 hasta v10.4.6 permite a usuarios locales ejecutar código de su elección a través de especificadores de formato de cadena que no s... • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2006-1468
https://notcve.org/view.php?id=CVE-2006-1468
27 Jun 2006 — Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information. Vulnerabilidad no especificada en Apple File Protocol (AFP)server en Apple Mac OS X v10.4 actualizado a v10.4.6 incluye el nombre de ficheros con restricción y directorios dentro de resultados de busqueda, lo que puede permitir a atacantes remotos obtener información sens... • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html •
CVSS: 9.1EPSS: 1%CPEs: 2EXPL: 0CVE-2006-1466
https://notcve.org/view.php?id=CVE-2006-1466
24 May 2006 — Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service. • http://lists.apple.com/archives/security-announce/2006/May/msg00004.html •
CVSS: 9.8EPSS: 9%CPEs: 2EXPL: 0CVE-2006-1450
https://notcve.org/view.php?id=CVE-2006-1450
12 May 2006 — Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2006-1452
https://notcve.org/view.php?id=CVE-2006-1452
12 May 2006 — Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •