CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2004-0821
https://notcve.org/view.php?id=CVE-2004-0821
The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. • http://secunia.com/advisories/12491 http://www.auscert.org.au/render.html?it=4363 http://www.ciac.org/ciac/bulletins/o-212.shtml http://www.kb.cert.org/vuls/id/704110 http://www.securityfocus.com/bid/11135 https://exchange.xforce.ibmcloud.com/vulnerabilities/17291 •
CVSS: 5.0EPSS: 4%CPEs: 3EXPL: 0CVE-2004-0825
https://notcve.org/view.php?id=CVE-2004-0825
QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. • http://marc.info/?l=bugtraq&m=109467471617466&w=2 http://secunia.com/advisories/12491 http://securitytracker.com/id?1011176 http://www.ciac.org/ciac/bulletins/o-212.shtml http://www.kb.cert.org/vuls/id/914870 http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11138 https://exchange.xforce.ibmcloud.com/vulnerabilities/17294 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2004-0822
https://notcve.org/view.php?id=CVE-2004-0822
Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. • http://secunia.com/advisories/12491 http://www.ciac.org/ciac/bulletins/o-212.shtml http://www.kb.cert.org/vuls/id/545446 http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11136 https://exchange.xforce.ibmcloud.com/vulnerabilities/17295 •
CVSS: 7.5EPSS: 1%CPEs: 70EXPL: 0CVE-2004-0823
https://notcve.org/view.php?id=CVE-2004-0823
OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. • http://secunia.com/advisories/12491 http://secunia.com/advisories/17233 http://secunia.com/advisories/21520 http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm http://www.auscert.org.au/render.html?it=4363 http://www.redhat.com/support/errata/RHSA-2005-751.html http://www.securityfocus.com/advisories/7148 http://www.securityfocus.com/bid/11137 https://exchange.xforce.ibmcloud.com/vulnerabilities/17300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre&# •
CVSS: 9.8EPSS: 13%CPEs: 3EXPL: 0CVE-2002-1347
https://notcve.org/view.php?id=CVE-2002-1347
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. Desbordamiento de búfer en la librería Cyrus SASL 2.1.9 y anteriores permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante entradas largas durante la canonización de nombre de usuario caractéres que necesitan ser escapados durante autenticación LDAP usando saslauth, o un error por uno en el escritor del log, que no asigna espacio para el carácter nulo que termina la cadena. • http://archives.neohapsis.com/archives/linux/suse/2002-q4/1275.html http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=103946297703402&w=2 http://www.debian.org/security/2002/dsa-215 http://www.redhat.com/support/errata/RHSA-2002-283.html http://www.securityfocus.com/advisories/4826 http://www.securityfocus.com/bid/6347 http://www.securityfocus.com/bid/6348 • CWE-131: Incorrect Calculation of Buffer Size •