CVE-2005-0342 – Apple Mac OSX - '.DS_Store' Arbitrary File Overwrite
https://notcve.org/view.php?id=CVE-2005-0342
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. • https://www.exploit-db.com/exploits/793 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://marc.info/?l=bugtraq&m=110780124707975&w=2 http://secunia.com/advisories/14188 http://www.securityfocus.com/bid/12458 https://exchange.xforce.ibmcloud.com/vulnerabilities/19253 •
CVE-2005-0126
https://notcve.org/view.php?id=CVE-2005-0126
ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. • http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html http://securitytracker.com/id?1013000 http://www.kb.cert.org/vuls/id/980078 http://www.securityfocus.com/bid/12367 https://exchange.xforce.ibmcloud.com/vulnerabilities/19083 •
CVE-2004-0090
https://notcve.org/view.php?id=CVE-2004-0090
Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors. • http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://secunia.com/advisories/10723 http://www.auscert.org.au/render.html?it=3791&cid=1 http://www.securityfocus.com/bid/9504 •
CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/539110 http://www.us-cert.gov/cas/techalerts/TA05-136A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 https: •
CVE-2004-1123
https://notcve.org/view.php?id=CVE-2004-1123
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. • http://www.idefense.com/application/poi/display?id=159&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/18357 •