CVSS: 9.3EPSS: 20%CPEs: 79EXPL: 0CVE-2011-0234 – Webkit Detached Body Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0234
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. WebKit, empleado en Safari anterior a v5.0.6, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria o caída de aplicación) a través de un sitio web manipulado. Vulnerabilidad distinta de APPLE-SA-2011-07-20-1. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application manages a reference to an anonymous block located near a particular element within the document. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 14EXPL: 0CVE-2011-0177
https://notcve.org/view.php?id=CVE-2011-0177
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font. Múltiples desbordamientos de búfer en Apple Type Services (ATS) en Apple Mac OS X antes de v10.6.7 permite a atacantes remotos ejecutar código de su elección a través de un documento que contiene una tabla SFNT manipulada en una fuente embebida. • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://support.apple.com/kb/HT4581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 14EXPL: 0CVE-2011-0193
https://notcve.org/view.php?id=CVE-2011-0193
Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image. Múltiples desbordamientos de búfer en Image RAW de Apple Mac OS X antes de v10.6.7, permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (solicitud de bloqueo) a través de una imagen Canon RAW manipulada. • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://support.apple.com/kb/HT4581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0CVE-2011-0183
https://notcve.org/view.php?id=CVE-2011-0183
Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue." Libinfo en Apple Mac OS X antes de v10.6.7 no controla correctamente un campo entero sin especificar en un paquete NFS RPC, que permite a atacantes remotos provocar una denegación de servicio (lockd, statd, mountd, o corte de portmap) a través de un paquete manipulado, relacionado con un "fallo de truncado de entero". • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://support.apple.com/kb/HT4581 • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2011-0194
https://notcve.org/view.php?id=CVE-2011-0194
Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. Desbordamiento de enteros en ImageIO en Apple Mac OS X v10.6 antes de v10.6.7 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (solicitud de bloqueo) a través de una imagen TIFF manipulada con codificación JPEG. • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://support.apple.com/kb/HT4581 • CWE-189: Numeric Errors •