CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2007-0023 – Apple Mac OSX 10.4.8 - 'UserNotificationCenter' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-0023
24 Jan 2007 — The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user. La función CFUserNotificationSendRequest en UserNotificationCenter.app de Apple Mac OS X 10.4.8, al ser usado en combinación con diskutil, permite a usuarios locales obtener privilegi... • https://www.exploit-db.com/exploits/3181 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0430 – Apple Mac OSX 10.4.x Kernel - 'shared_region_map_file_np()' Memory Corruption
https://notcve.org/view.php?id=CVE-2007-0430
23 Jan 2007 — The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. La función shared_region_map_file_np en Apple Mac OS X 10.4.8 y núcleos anetriores permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) mediante un valor mappingCount grande. • https://www.exploit-db.com/exploits/3167 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0022
https://notcve.org/view.php?id=CVE-2007-0022
23 Jan 2007 — Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program. Vulnerabilidad de ruta de búsqueda no confiable en writeconfig de Apple Mac OS X 10.4.8 permite a usuarios locales obtener privilegios mediante un PATH modificado que apunta a un programa launchctl malicioso. • http://docs.info.apple.com/article.html?artnum=305391 •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 1CVE-2007-0355 – Apple Mac OSX 10.4.8 - SLP Daemon Service Registration Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-0355
19 Jan 2007 — Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field. Un desbordamiento de búfer en Apple Minimal SLP v2 Service Agent (slpd) en Mac OS X versión 10.4.11 y anteriores, incluyendo versión 10.4.8, permite a usuarios locales, y posiblemente a atacantes remotos, alcanzar privilegios y po... • https://www.exploit-db.com/exploits/3151 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 19%CPEs: 4EXPL: 3CVE-2007-0342 – Apple WebKit build 18794 - WebCore Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-0342
18 Jan 2007 — WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019. WebCore en Apple WebKit construcción 18974 permite a un atacante remoto provocar denegación de servicio de un servicio (referencia null y caida de aplicación) a través del elemento TD con un gran número en el ... • https://www.exploit-db.com/exploits/29461 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2007-0345
https://notcve.org/view.php?id=CVE-2007-0345
18 Jan 2007 — The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain Access.app/Contents/Resources/kcproxy, and (3) ODBC Administrator.app/Contents/Resources/iodbcadmintool programs in /Applications/Utilities/ in Mac OS X 10.4.8 have weak permissions (writable by admin group), which allows local admin users to gain root privileges by modifying a program and then performing permissions repair via diskutil. Los programas (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain Access.app/Contents/Reso... • http://projects.info-pull.com/moab/MOAB-15-01-2007.html •
CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 0CVE-2007-0318
https://notcve.org/view.php?id=CVE-2007-0318
18 Jan 2007 — The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal. La función do_hfs_truncate en el Mac OS X 10.4.8 permite a atacantes dependientes del entorno provocar una denegación de servicio (kernel panic) mediante la manipulación del sistema de archivos HFS+ en una imagen DMG, lo que provoca el acceso de una estructura vnod... • http://docs.info.apple.com/article.html?artnum=305214 •
CVSS: 7.1EPSS: 2%CPEs: 1EXPL: 0CVE-2007-0299
https://notcve.org/view.php?id=CVE-2007-0299
17 Jan 2007 — Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference. Desbordamiento de entero en la función byte_swap_sbin de bsd/ufs/ufs/ufs_byte_order.c en Mac OS X 10.4.8 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (kernel panic) montando una ... • http://docs.info.apple.com/article.html?artnum=305214 •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 1CVE-2007-0267 – Apple Mac OSX 10.4.8 - DMG UFS UFS_LookUp Denial of Service
https://notcve.org/view.php?id=CVE-2007-0267
17 Jan 2007 — The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrupted directory entry (struct direct), related to the ufs_dirbad function. NOTE: a third party states that the FreeBSD issue does not cross privilege boundaries. La función ufs_lookup en los kernel de Mac OS X versión 10.4.8 y FreeBSD versión 6.1, permite a los us... • https://www.exploit-db.com/exploits/29452 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 65%CPEs: 1EXPL: 1CVE-2007-0236 – Apple Mac OSX 10.4.8 - AppleTalk 'ATPsndrsp()' Heap Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-0236
16 Jan 2007 — Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow. Vulnerabilidad de doble liberación en la función _ATPsndrsp en Apple Mac OS X versión 10.4.8, y posiblemente otras versiones, permite a atacantes remotos causar una denegación de servicio (pánico del kernel) y posiblemente e... • https://www.exploit-db.com/exploits/3130 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •