
CVSS: 8.8 • EPSS: 2% • CPEs: 2 • EXPL: 0

10 Nov 2009 — Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 Sep 2009 — Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.5 • EPSS: 1% • CPEs: 78 • EXPL: 0

14 Sep 2009 — Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

14 Sep 2009 — CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html • CWE-399: Resource Management Errors

CVSS: 8.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

14 Sep 2009 — Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

14 Sep 2009 — Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.8 • EPSS: 1% • CPEs: 2 • EXPL: 0

14 Sep 2009 — Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 • EPSS: 2% • CPEs: 4 • EXPL: 0

14 Sep 2009 — ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues." • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html • CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 • EPSS: 2% • CPEs: 73 • EXPL: 0

14 Sep 2009 — Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html • CWE-189: Numeric Errors

CVSS: 7.8 • EPSS: 1% • CPEs: 4 • EXPL: 0

14 Sep 2009 — Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html • CWE-189: Numeric Errors