CVE-2010-1846
https://notcve.org/view.php?id=CVE-2010-1846
Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image. Desbordamiento de búfer basado en memoria dinámica en Image RAW en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de una imagen RAW manipulada. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-1803
https://notcve.org/view.php?id=CVE-2010-1803
Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its remote AFP volume, which allows remote attackers to obtain sensitive information by spoofing this volume. Time Machine en Apple Mac OS X v10.6.x anteriores a v10.6.5 no verifica el identificados único de su volumen AFP remoto, lo que permite a atacantes remotos obtener información sensible espaando ese volumen • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 •
CVE-2010-1834
https://notcve.org/view.php?id=CVE-2010-1834
CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address. CFNetwork en Apple Mac OS X v10.6.x anteriores a v10.6.5 no validan de forma adecuada los dominios de las cookies, lo que facilita a servidores remotos seguir el rastro a usuario fijando una cookie que está asociada a una IP parcial. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-20: Improper Input Validation •
CVE-2010-1830
https://notcve.org/view.php?id=CVE-2010-1830
AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors. AFP Server en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 genera mensajes de error diferentes en función de si existe un recurso compartido, lo que permite a atacantes remotos enumerar los nombres válidos de recursos compartidos válidos a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 •
CVE-2010-1831
https://notcve.org/view.php?id=CVE-2010-1831
Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document. Desbordamiento de buffer en Apple Type Services (ATS) en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 que permite a atacantes remotos ejecutar código de su elección a través de nombres largos embebidos en un documento. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •