Page 37 of 200 results (0.007 seconds)

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. • http://secunia.com/advisories/12491 http://www.auscert.org.au/render.html?it=4363 http://www.ciac.org/ciac/bulletins/o-212.shtml http://www.kb.cert.org/vuls/id/704110 http://www.securityfocus.com/bid/11135 https://exchange.xforce.ibmcloud.com/vulnerabilities/17291 •

CVSS: 5.0EPSS: 4%CPEs: 3EXPL: 0

QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. • http://marc.info/?l=bugtraq&m=109467471617466&w=2 http://secunia.com/advisories/12491 http://securitytracker.com/id?1011176 http://www.ciac.org/ciac/bulletins/o-212.shtml http://www.kb.cert.org/vuls/id/914870 http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11138 https://exchange.xforce.ibmcloud.com/vulnerabilities/17294 •

CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0

OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. • http://secunia.com/advisories/12491 http://secunia.com/advisories/17233 http://secunia.com/advisories/21520 http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm http://www.auscert.org.au/render.html?it=4363 http://www.redhat.com/support/errata/RHSA-2005-751.html http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11137 https://exchange.xforce.ibmcloud.com/vulnerabilities/17300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre&# •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. • http://secunia.com/advisories/12491 http://www.ciac.org/ciac/bulletins/o-212.shtml http://www.kb.cert.org/vuls/id/545446 http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11136 https://exchange.xforce.ibmcloud.com/vulnerabilities/17295 •

CVSS: 5.0EPSS: 0%CPEs: 28EXPL: 0

Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak. Safari para Mac OS X anteriores a 10.3.5, despues de enviar datos de formualarios con el método POST, puede reenviar los datos a un método GET si esa URL es redirigida después de que los datos POST y el usuario utiliza los botones "Atrás" y "Adelante", lo que puede causar un filtrado de información. • http://lists.apple.com/mhonarc/security-announce/msg00056.html http://www.kb.cert.org/vuls/id/128414 https://exchange.xforce.ibmcloud.com/vulnerabilities/16944 •