CVSS: 9.0EPSS: 4%CPEs: 10EXPL: 0CVE-2010-3795 – Apple QuickTime GIF LZW Decompression Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3795
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. QuickTime en Apple Mac OS X v10.6.x anteriores a v10.6.5 accede a posiciones de memoria no inicializada mientras procesa datos de imágenes GIF, lo que permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de una imagen GIF manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the application's implementation of the LZW compression when opening a certain file format. The application will allocate a buffer for the image and then decompress image data into it. • http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4447 http://www.securitytracker.com/id?1024729 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 69%CPEs: 26EXPL: 0CVE-2010-2941 – cups: cupsd memory corruption vulnerability
https://notcve.org/view.php?id=CVE-2010-2941
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. ipp.c en cupsd en CUPS v1.4.4 y anteriores no asigna correctamente memoria para valores de atributo con tipos de datos de cadena inválidos, permitiendo a atacantes remotos provocar una denegación de servicio (uso después de liberación y caída de la aplicación) o posiblemente ejecutar código arbitrario mediante una solicitud IPP manipulada. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://rhn.redhat.com/errata/RHSA&# • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2010-1820
https://notcve.org/view.php?id=CVE-2010-1820
Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name. El Apple Filing Protocol (AFP) Server de Apple Mac OS X v10.6.x hasta v10.6.4 no maneja apropiadamente los errores, lo que permite a atacantes remotos evitar requisitos de contraseñas para el acceso a carpetas compartidas mediante el conocimiento de un nombre de cuenta válido. • http://lists.apple.com/archives/security-announce/2010/Sep/msg00004.html http://support.apple.com/kb/HT4361 http://www.securityfocus.com/bid/43341 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12109 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2010-1808
https://notcve.org/view.php?id=CVE-2010-1808
Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. Desbordamiento de búfer basado en pila en Apple Type Services (ATS), en Apple Mac OS X v10.5.8 y v10.6.4 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de fuentes manipuladas embebidas en un documento. • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://securitytracker.com/id?1024359 http://support.apple.com/kb/HT4312 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2010-1802
https://notcve.org/view.php?id=CVE-2010-1802
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com. libsecurity en Apple Mac OS X v10.5.8 y v10.6.4 no realizad de forma adecuada la comparación entre las cadenas de nombre de dominio en los certificados X.509, lo que permite ataques "hombre-en-medio" (man-in-the-middle) para espiar los servidores SSL a través de certificados asociados con un nombre de dominio similar, como se demostró usándose para espíar desde www.example.con a www.example.com • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://securitytracker.com/id?1024359 http://support.apple.com/kb/HT4312 • CWE-287: Improper Authentication •