CVE-2013-1034
https://notcve.org/view.php?id=CVE-2013-1034
Multiple cross-site scripting (XSS) vulnerabilities in Wiki Server in Apple Mac OS X Server before 2.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades XSS en Wiki Server de Apple Mac OS X Server anterior a la versión 2.2.2 permite a atacantes remotos inyectar script web o HTML arbitrario a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html http://support.apple.com/kb/HT5892 http://www.cloudscan.me/2013/09/cve-2013-1034-stored-xss-xxe-os-x.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-3722
https://notcve.org/view.php?id=CVE-2012-3722
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. El codec Sorenson en QuickTime en Apple Mac OS X anterior a v10.7.5, y en CoreMedia en iOS anterior a v6, accede a regiones de memoria no inicializadas, lo que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de aplicación) a través de un archivo tipo "movie" especialmente manipulado codificado con Sorenson. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://support.apple.com/kb/HT5501 http://support.apple.com/kb/HT5503 https://exchange.xforce.ibmcloud.com/vulnerabilities/78715 • CWE-399: Resource Management Errors •
CVE-2011-1417 – Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1417
Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a Microsoft Office document with a crafted size field in the OfficeArtMetafileHeader, related to OfficeArtBlip, as demonstrated on the iPhone by Charlie Miller and Dion Blazakis during a Pwn2Own competition at CanSecWest 2011. Un desbordamiento de enteros en QuickLook, tal y como es usado en Mac OS X anterior a versión 10.6.7 y MobileSafari en iOS anterior a versión 4.2.7 y versiones 4.3.x anteriores a 4.3.2, de Apple, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y bloqueo de aplicación) por medio de un documento de Microsoft Office con un campo de tamaño diseñado en OfficeArtMetafileHeader, relacionado a OfficeArtBlip, como es demostrado en el iPhone por Charlie Miller y Dion Blazakis durante una competencia de Pwn2Own en CanSecWest 2011. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for parsing Office files. When handling the OfficeArtMetafileHeader the process trusts the cbSize field and performs arithmetic on it before making an allocation. • http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00005.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://secunia.com/advisories/44154 http://support.apple.com/kb/HT4581 http://support.apple.com/kb/HT4607 http://support& • CWE-189: Numeric Errors •
CVE-2010-1119 – Apple Webkit Attribute Child Removal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1119
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010. Una vulnerabilidad de uso de memoria previamente liberada en WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y Windows, Safari anterior a versión 4.1 sobre Mac OS X versión 10.4, y Safari en iPhone OS de Apple, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación), o leer la base de datos SMS u otros datos, por medio de vectores relacionados con "attribute manipulation", como es demostrado por Vincenzo Iozzo y Ralf Philipp Weinmann durante una competición Pwn2Own en CanSecWest 2010. This vulnerability allows remote attackers to execute remote code on vulnerable installations of Apple Webkit. User interaction is required in that a target must be coerced into visiting a malicious page. The specific flaw exists within Webkit's process for destructing attribute objects via the removeChild method. If an attribute's child object is accessed after the attribute was removed from the document, an invalid pointer is referenced. • https://www.exploit-db.com/exploits/16974 http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010 http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://news.cnet.com/8301-27080_3-20001126-245.html http://secunia.com/advisories/40105 http://secunia.com/advisories/40196 http://securityreason.com/securityalert • CWE-399: Resource Management Errors •
CVE-2005-0373
https://notcve.org/view.php?id=CVE-2005-0373
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. • http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml http://www.linuxcompatible.org/print42495.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:054 http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html http://www.securityfocus.com/bid/11347 https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171 https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type •