CVE-2010-1833
https://notcve.org/view.php?id=CVE-2010-1833
Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a document. Apple Type Services (ATS) bajo Apple Mac OS X v10.6.x antes de v10.6.5 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de una fuente modificada a mano incrustada en un documento. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-1378
https://notcve.org/view.php?id=CVE-2010-1378
OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority. OpenSSL en Apple Mac OS X v10.6.x anterior a v10.6.5 no realiza apropiadamente operaciones aritméticas, que permite a atacantes remotos evitar certificados autenticados X.509 a través de un certificado de su elección emitido por una Autoridad de Certificación legítima. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 • CWE-295: Improper Certificate Validation •
CVE-2010-1829
https://notcve.org/view.php?id=CVE-2010-1829
Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share. Vulnerabilidad de salto de directorio en AFP Server en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 que permite a usuarios autenticados de forma remota ejecutar código de su elección si se crean ficheros que están fuera del rango compartido. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2010-3786
https://notcve.org/view.php?id=CVE-2010-3786
QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file. QuickLook en Apple Mac OS X v10.6.x anterior a v10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servivio (corrupción de memoria y caída de la aplicación) a través de un archivo Excel manipulado. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://secunia.com/advisories/42314 http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4456 http://support.apple.com/kb/HT5004 http://www.securitytracker.com/id?1024723 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-1840 – Apple Directory Services - Memory Corruption
https://notcve.org/view.php?id=CVE-2010-1840
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Desbordamiento de búfer basado en pila en la funcionalidad de validación del password en el Directory Services en Apple Mac OS X v.10.5.8 and v.10.6.x anterior a v.10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados. • https://www.exploit-db.com/exploits/15491 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •