CVSS: 10.0EPSS: 4%CPEs: 22EXPL: 0CVE-2007-0746
https://notcve.org/view.php?id=CVE-2007-0746
24 Apr 2007 — Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference". Desbordamiento de búfer basado en pila en el marco VideoConference en Apple Mac OS X 10.3.9 hasta la 10.4.9 permite a atacantes remotos ejecutar código de su elección a través de un "paquete manipulado SIP cuando se inicializa una conferencia audio/video". • http://docs.info.apple.com/article.html?artnum=305391 •
CVSS: 9.8EPSS: 1%CPEs: 22EXPL: 0CVE-2007-0735
https://notcve.org/view.php?id=CVE-2007-0735
24 Apr 2007 — Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory. Vulnerabilidad de uso después de la liberación (Use-After-Free) en Libinfo en Apple Mac OS X 10.3.9 hasta la 10.4.9 permite a atacante... • http://docs.info.apple.com/article.html?artnum=305391 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-0742
https://notcve.org/view.php?id=CVE-2007-0742
24 Apr 2007 — The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information. El marco WebFoundation en Apple Mac OS X 10.3.9 y anteriores permite a cookies de subdominio ser accedidas por el dominio padre, lo cual podría permite a atacantes remotos obtener información sensible. • http://docs.info.apple.com/article.html?artnum=305391 •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2007-0725
https://notcve.org/view.php?id=CVE-2007-0725
24 Apr 2007 — Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands." Desbordamiento de búfer en el módulo AirPortDriver para AirPort en Apple Mac OS X 10.3.9 hasta 10.4.9, al ejecutarse en hardware con la tarjeta wireless AirPort original, permite a usuarios locales ejecutar código de su elección "enviando comandos de control mal ... • http://docs.info.apple.com/article.html?artnum=305391 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2007-0732
https://notcve.org/view.php?id=CVE-2007-0732
24 Apr 2007 — Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port." Vulnerabilidad no especificada en el demonio CoreServices en CarbonCore en Apple Mac OS X 10.4 hasta 10.4.9 permite a usuarios locales ganar privilegios a través de vectores no especificados afectando a "la obtención del envío correcto en el puerto de la tarea Mach". • http://docs.info.apple.com/article.html?artnum=305391 •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2007-0729
https://notcve.org/view.php?id=CVE-2007-0729
24 Apr 2007 — Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. El cliente Apple File Protocol (AFP) en Apple Mac OS X 10.3.9 hasta la 10.4.9 no limpia de forma adecuada el entorno antes de la ejecución de comandos, lo cual permite a usuarios locales ganar privilegios a través de la configuración de variables de entorno no especificadas. • http://docs.info.apple.com/article.html?artnum=305391 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2007-0734
https://notcve.org/view.php?id=CVE-2007-0734
10 Apr 2007 — fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. fsck, tal y como es usada por la funcionalidad AirPort Disk de la AirPort Extreme Base Station con 802.11n anteriores a Firmware Update 7.1, y por Ap... • http://docs.info.apple.com/article.html?artnum=305366 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2007-0724
https://notcve.org/view.php?id=CVE-2007-0724
13 Mar 2007 — The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console. El interfaz IOKit HID en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 no limita lo suficiente el acceso a ciertos controles, lo cual permite a usuarios locales obtener privilegios utilizando eventos de dispositivo HID para leer pulsaciones de teclado desde la consola. • http://docs.info.apple.com/article.html?artnum=305214 •
CVSS: 8.8EPSS: 2%CPEs: 20EXPL: 0CVE-2007-0721
https://notcve.org/view.php?id=CVE-2007-0721
13 Mar 2007 — Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption. Vulnerabilidad no especificada en diskimages-helper de Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite ejecutar código de su elección mediante una imagen de disco comprimida artesanal que provoca una corrupción de memoria. • http://docs.info.apple.com/article.html?artnum=305214 •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2007-0728
https://notcve.org/view.php?id=CVE-2007-0728
13 Mar 2007 — Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files. Vulnerabilidad no especificada en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 crea ficheros de forma insegura al inicializar una impresora USB, lo cual permite a usuarios locales crear o sobrescribir ficheros de su elección. • http://docs.info.apple.com/article.html?artnum=305214 •