CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1401 – Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1401
08 Jun 2010 — Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element. Vulnerabilidad de uso despues de liberacion en la implementación de las hojas de estilo en cascada (CSS) en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 59%CPEs: 74EXPL: 0CVE-2010-1403 – Apple Webkit ProcessInstruction Target Error Message Insertion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1403
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction. WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y Windows, y anterio... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1749 – Apple Webkit SVG RadialGradiant Run-in Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1749
08 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that has been referenced multiple times. Una vulnerabilidad de uso de la memoria previamente liberada en WebKit en Safari de Apple anterio... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 11%CPEs: 74EXPL: 0CVE-2010-1402 – Apple Webkit ConditionEventListener Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1402
08 Jun 2010 — Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, related to duplicate event listeners, a timer, and an AnimateTransform object. Una vulnerabilidad de doble liberación en WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y ... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 43EXPL: 0CVE-2010-0531
https://notcve.org/view.php?id=CVE-2010-0531
31 Mar 2010 — Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. Apple iTunes en versiones anteriores a la 9.1 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un fichero de podcast MP4 manipulado. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 10%CPEs: 6EXPL: 0CVE-2010-0060 – Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0060
30 Mar 2010 — CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDMC encoding. CoreAudio en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código de su elección o a provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de contenido de audio manipulado, codificado con QDMC. This vulnerability allows remote attackers to... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 36%CPEs: 6EXPL: 1CVE-2010-0520 – Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0520
30 Mar 2010 — Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression. Desbordamiento de búfer basado en memoria dinámica (heap) en QuickTime en Apple Mac OS X anterior a 10.6.3, permite a atacantes remotos ejecutar código de su ... • https://www.exploit-db.com/exploits/15035 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2010-0509
https://notcve.org/view.php?id=CVE-2010-0509
30 Mar 2010 — SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accounts. SFLServer de OS Services de Apple Mac OS X anterior a v10.6.3, permite a usuarios locales aumentar sus privilegios a través de vectores relacionados con la pertenencia al grupo "wheel" durante el acceso a los directorios personales de las cuentas de usuario. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2010-0503
https://notcve.org/view.php?id=CVE-2010-0503
30 Mar 2010 — Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Vulnerabilidad de uso después de la liberación en iChat Server de Apple Mac OS X Server v10.5.8 permite a usuarios autenticados en remoto ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2010-0535
https://notcve.org/view.php?id=CVE-2010-0535
30 Mar 2010 — Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors. Dovecot en Apple Mac OS X v10.6 anterior a v10.6.3, cuando Kerberos está habilitado no aplica de forma efectiva la lista de control de acceso al servicio (SACL) para enviar y recibir correo electrónico, lo cual permite a usuarios remotos... • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •