Page 33 of 309 results (0.009 seconds)

CVSS: 6.8EPSS: 2%CPEs: 10EXPL: 0

QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file. QuickLook en Apple Mac OS X v10.6.x anterior a v10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servivio (corrupción de memoria y caída de la aplicación) a través de un archivo Excel manipulado. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://secunia.com/advisories/42314 http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4456 http://support.apple.com/kb/HT5004 http://www.securitytracker.com/id?1024723 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 20%CPEs: 12EXPL: 1

Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Desbordamiento de búfer basado en pila en la funcionalidad de validación del password en el Directory Services en Apple Mac OS X v.10.5.8 and v.10.6.x anterior a v.10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados. • https://www.exploit-db.com/exploits/15491 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.0EPSS: 7%CPEs: 12EXPL: 0

Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file. Desbordamiento de búfer basado en pila en QuickTime en Apple Mac OS X v10.6.x anterior a v10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servivio (caída de la aplicación) a través de un archivo de película MPEG maniuplado This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the QuickTimeMPEG.qtx module. When handling an ELST atom's edit list table data large values are not handled properly. Specifically, the media rate field is explicitly trusted and can be abused to control memory copy operations. • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4447 http://www.securitytracker.com/id?1024729 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 6%CPEs: 12EXPL: 0

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file. QuickTime en Apple Mac OS X v10.6.x anteriores a v10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de una fichero de vídeo en formato Sorenson manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime decompresses video samples that are encoded with the Sorenson v3 Codec. Upon parsing malformed video sample data, the application will calculate an index for decompression and use that to seek into a buffer used for writing. • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4447 http://www.securitytracker.com/id?1024729 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.0EPSS: 6%CPEs: 10EXPL: 0

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of FlashPix image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. QuickTime en Apple Mac OS X 10.6.x anterior a v10.6.5 accede a posiciones de memoria no inicializadas durante el procesado de los datos de una imagen FlashPix, lo que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servivios (caída de la aplicación) a través de un archivo FlashPix manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support for huffman tables within a flashpix file. By specifying an index larger than a particular value, a pointer will cease to get initialized. • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4447 http://www.securitytracker.com/id?1024729 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •