CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2010-3796
https://notcve.org/view.php?id=CVE-2010-3796
Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications. Safari RSS en Apple Mac OS X v10.5.8 y v10.6.x anterior v10.6.5 no bloquea las applets de Java en los feed RSS, lo que permite a atacantes remotos obtener información sensible a través del feedo: URL contiene un applet que realiza modificaciones DOM. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2010-1803
https://notcve.org/view.php?id=CVE-2010-1803
Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its remote AFP volume, which allows remote attackers to obtain sensitive information by spoofing this volume. Time Machine en Apple Mac OS X v10.6.x anteriores a v10.6.5 no verifica el identificados único de su volumen AFP remoto, lo que permite a atacantes remotos obtener información sensible espaando ese volumen • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 •
CVSS: 6.0EPSS: 0%CPEs: 12EXPL: 0CVE-2010-1829
https://notcve.org/view.php?id=CVE-2010-1829
Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share. Vulnerabilidad de salto de directorio en AFP Server en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 que permite a usuarios autenticados de forma remota ejecutar código de su elección si se crean ficheros que están fuera del rango compartido. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 1%CPEs: 12EXPL: 0CVE-2010-1831
https://notcve.org/view.php?id=CVE-2010-1831
Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document. Desbordamiento de buffer en Apple Type Services (ATS) en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 que permite a atacantes remotos ejecutar código de su elección a través de nombres largos embebidos en un documento. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 10EXPL: 0CVE-2010-1833
https://notcve.org/view.php?id=CVE-2010-1833
Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a document. Apple Type Services (ATS) bajo Apple Mac OS X v10.6.x antes de v10.6.5 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de una fuente modificada a mano incrustada en un documento. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •