CVE-2011-1516 – SAP NetWeaver Dispatcher - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-1516
The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through 10.7.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of osascript to send Apple events to the launchd daemon, a related issue to CVE-2008-7303. Los perfiles kSBXProfileNoNetwork y kSBXProfileNoInternet en Apple Mac OS X v10.5.x hasta v10.7.x no propagan las restricciones a todos los procesos creados, lo que permite a atacantes remotodos acceder a recursos de red a través de una aplicación modificada, como se demuestra con el uso de osascript para enviar eventos Apple al demonio launchd, una cuestión relacionada con CVE-2008-7303. • https://www.exploit-db.com/exploits/18853 http://www.coresecurity.com/content/apple-osx-sandbox-bypass http://www.securityfocus.com/archive/1/520479/100/100/threaded • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-3336 – Libc - 'regcomp()' Stack Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2011-3336
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. regcomp en la implementación BSD de libc, es vulnerable a una denegación de servicio debido al agotamiento de la pila. Mac OS X, Safari, Firefox and Kaspersky all suffer from a regular expression denial of service condition that was discovered long ago in regcomp(). • https://www.exploit-db.com/exploits/36288 http://seclists.org/fulldisclosure/2014/Mar/166 http://www.securityfocus.com/bid/50541 https://cxsecurity.com/issue/WLB-2011110082 https://www.securityfocus.com/archive/1/520390 • CWE-400: Uncontrolled Resource Consumption •
CVE-2011-3242
https://notcve.org/view.php?id=CVE-2011-3242
The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X does not properly recognize the Always value of the Block Cookies setting, which makes it easier for remote web servers to track users via a cookie. La característica de navegación privada en Apple Safari antes de v5.1.1 en Mac OS X no reconoce adecuadamente el valor "Always" de la caracteristica "Block Cookies", lo que hace más sencillo para servidores remotos localizar a usuarios a través de una cookie. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/76391 http://support.apple.com/kb/HT5000 https://exchange.xforce.ibmcloud.com/vulnerabilities/70569 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2011-3221 – Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3221
QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. QuickTime en Apple Mac OS X anterior a v10.7.2 no controla correctamente la jerarquía de atom en los archivos de películas, permitiendo a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un archivo especialmente diseñado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses the atom hierarchy within a QuickTime movie file. In a certain situation the application will pass execution to another function for handling the atom, however, will pass the incorrect number of arguments. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76378 http://support.apple.com/kb/HT5002 http://support.apple.com/kb/HT5016 http://www.securityfocus.com/bid/50085 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2011-3225
https://notcve.org/view.php?id=CVE-2011-3225
The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account. El componente SMB File Server en Apple Mac OS X v10.7 antes de v10.7.2 no impide que todos los usuarios invitados accedan al registro de punto de uso compartido de una carpeta de invitados restringida, lo que permite a atacantes remotos evitar las restricciones de navegación destinadas a aprovechar el acceso a la cuenta "nobody". • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://osvdb.org/76376 http://support.apple.com/kb/HT5002 http://www.securityfocus.com/bid/50085 • CWE-264: Permissions, Privileges, and Access Controls •