NotCVE - vendor:"Apple" product:"Mac Os X" version:"

Page 223 of 2915 results (0.020 seconds)

CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 0

CVE-2010-0037

https://notcve.org/view.php?id=CVE-2010-0037

20 Jan 2010 — Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. Desbordamiento de búfer en Image RAW en Apple Mac OS X v10.5.8 y v10.6.2 permite a atacantes remotos ejecutar código arbitrario o producir una denegación de servicio (caída de aplicación) a través de una imagen DNG manipulada. • http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 4EXPL: 0

CVE-2010-0036

https://notcve.org/view.php?id=CVE-2010-0036

20 Jan 2010 — Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. Desbordamiento de búfer en CoreAudio in Apple Mac OS X v10.5.8 y v10.6.2 permite a atacantes remotos ejecutar código arbitrario o producir una denegación de servicio (caída de aplicación) a través de un fichero de audio MP4 manipulado. • http://lists.apple.com/archives/security-announce/2010/Feb/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0

CVE-2009-2843

https://notcve.org/view.php?id=CVE-2009-2843

08 Dec 2009 — Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet. Java para Mac OS X 1v0.5 anterior Update v6 y v10.6 anterior Update v1 acepta certificados expirados para applets, lo que hace que sea facil para atacantes remotos ejecutar código de su elección a través de un applet. • http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html • CWE-310: Cryptographic Issues •

CVSS: 7.5EPSS: 7%CPEs: 14EXPL: 1

CVE-2009-4017 – PHP < 5.3.1 - 'MultiPart/form-data' Denial of Service

https://notcve.org/view.php?id=CVE-2009-4017

24 Nov 2009 — PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. PHP v5.2.11, y v5.3.x antes de v5.3.1, no restringen el número de archivos temporales creados al manipular ... • https://www.exploit-db.com/exploits/10242 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.5EPSS: 6%CPEs: 14EXPL: 0

CVE-2009-3553 – cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface

https://notcve.org/view.php?id=CVE-2009-3553

20 Nov 2009 — Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. Vulnerabilidad de uso anterior a la liberación en el d... • http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2009-2826

https://notcve.org/view.php?id=CVE-2009-2826

10 Nov 2009 — Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow. Múltiples desbordamiento de búfer en CoreGraphics en Apple Mac OS X v10.5.8 permite a atacantes remotos ejecutar código a su elección o causar una denegación de servicio (caída de programa) a través de documentos PDF manipulados que provoca desbordamiento de búfer basado en ... • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-189: Numeric Errors •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2009-2838

https://notcve.org/view.php?id=CVE-2009-2838

10 Nov 2009 — Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document that triggers a buffer overflow. Desbordamiento de entero en QuickLook en Apple Mac OS X v10.5.8 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (cuelgue de aplicación) a través de un documento de Microsoft Office manipulado que provoca un desbordamiento de búfer. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-189: Numeric Errors •

CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0

CVE-2009-2824

https://notcve.org/view.php?id=CVE-2009-2824

10 Nov 2009 — Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document. Múltiples desbordamiento de búfer en Apple Type Services (ATS) en Apple Mac OS X v10.5.8 permite a atacantes remotos ejecutar código de su elección a través de fuentes manipuladas embebidas en un documento. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2009-2840

https://notcve.org/view.php?id=CVE-2009-2840

10 Nov 2009 — Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors. Spotlight en Apple Mac OS X v10.5.8 no maneja adecuadamente los archivos temporales, lo que permite a usuarios locales sobrescribir archivos de su elección en el contexto de los privilegios de usuario diferentes a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html •

CVSS: 7.1EPSS: 0%CPEs: 118EXPL: 0

CVE-2009-2835

https://notcve.org/view.php?id=CVE-2009-2835

10 Nov 2009 — The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors. El núcleo de Apple Mac OS X anterior a v10.6.2 no controla correctamente los segmentos de estado de la tarea, lo que permite a usuarios locales obtener privilegios, provocar una denegación de servicio (cuelgue del sistema), u obtener información sensible a través de vectores no ... • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-20: Improper Input Validation •

1...221 222 223 224 225