CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2010-0507
https://notcve.org/view.php?id=CVE-2010-0507
30 Mar 2010 — Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PEF image. Desbordamiento de búfer en Image RAW en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (cuelgue de aplicación) a través de una imagen PEF manipulada. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 68%CPEs: 6EXPL: 1CVE-2010-0519 – Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0519
30 Mar 2010 — Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value. Desbordamiento de enteros en QuickTime en Apple Mac OS X anterior v10.6.3 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de programa) a través de un archivo de pelicula manipulado co... • https://www.exploit-db.com/exploits/14869 • CWE-189: Numeric Errors •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2010-0064
https://notcve.org/view.php?id=CVE-2010-0064
30 Mar 2010 — DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have unspecified other impact by copying files owned by other users. DesktopServices en Apple Mac OS X v10.6 anteriores a v10.6.3 preserva la propiedad del fichero durante una copia Finder autenticada, lo que puede permitir a usuarios locales evitar las restricciones de disco previstas y tener otros impactos sin especi... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 4%CPEs: 26EXPL: 0CVE-2010-0497 – Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0497
30 Mar 2010 — Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file type in an internet enabled disk image, which makes it easier for user-assisted remote attackers to execute arbitrary code via a package file type. Disk Images en Apple Mac OS X anteriores a v10.6.3 no proporciona la advertencia esperada de tipo de fichero inseguro en una imagen de disco habilitada para internet, lo cual facilita a atacantes remotos asistidos por usuarios ejecutar código a su elección a trav... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2010-0521
https://notcve.org/view.php?id=CVE-2010-0521
30 Mar 2010 — Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for directory binding, which allows remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests. Server Admin en Apple Mac OS X Server anteriores a v10.6.3 no aplica adecuadamente la autentican para la vinculación de directorio, lo que permite a atacantes remotos obtener información potencialmente sensible del Open Directory a través de peticiones LDAP inespecíficas... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2010-0065
https://notcve.org/view.php?id=CVE-2010-0065
30 Mar 2010 — Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image with bzip2 compression. Disk Images de Apple Mac OS X anterior a v10.6.3 permite a atacantes remotos asistidos por el usuario ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) mediante una imagen de disco manipulada con compresión bzip2. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2010-0525
https://notcve.org/view.php?id=CVE-2010-0525
30 Mar 2010 — Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient, which might make it easier for remote attackers to obtain sensitive information via a brute-force attack on a weakly encrypted e-mail message. Mail en Apple Mac OS X anterior v10.6.3 no refuerza adecuadamente la clave de extensión usage durante el procesado de una cadena de claves que especifica múltiples certificados para un rec... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 52%CPEs: 26EXPL: 0CVE-2010-0505 – Apple Mac OS X ImageIO Framework JPEG2000 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0505
30 Mar 2010 — Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 (JPEG2000) image, related to incorrect calculation and the CGImageReadGetBytesAtOffset function. Un desbordamiento de búfer en la región heap de la memoria en ImageIO en Mac OS X de Apple anterior a versión 10.6.3, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de apl... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 5%CPEs: 6EXPL: 0CVE-2010-0526 – Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0526
30 Mar 2010 — Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not properly handled during decompression. Desbordamiento de búfer basado en memoria dinámica (heap) en QuickTime en Apple Mac OS X anterior a la v10.6.3, permite a atacantes remotos ejecutar código HTML de su elección o provocar una denegac... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 29%CPEs: 6EXPL: 0CVE-2010-0516 – Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0516
30 Mar 2010 — Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding, which triggers memory corruption when the length of decompressed data exceeds that of the allocated heap chunk. Desbordamiento de búfer basado en pila en QuickTime en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código arbitrario o una denegación de servicio (caída de ... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •