CVE-2009-0949 – CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. La función ippReadIO en cups/ipp.c en cupsd en CUPS antes de la versión 1.3.10 no inicia de manera apropiada la memoria para paquetes de solicitud IPP, lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída del demonio) mediante una solicitud de programación (scheduler) con dos etiquetas IPP_TAG_UNSUPPORTED consecutivas. • https://www.exploit-db.com/exploits/33020 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35322 http://secunia.com/advisories/35328 http://secunia.com/advisories/35340 http://secunia.com/advisories/35342 http://secunia.com/advisories/35685 http://secunia.com/advisories/36701 http://securitytracker.com/id?1022321 http://support.apple.com/kb/HT3865 http • CWE-476: NULL Pointer Dereference CWE-908: Use of Uninitialized Resource •
CVE-2009-1717
https://notcve.org/view.php?id=CVE-2009-1717
Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based buffer overflow. Vulnerabilidad de desbordamiento de entero en Terminal de Apple Mac OS X en sus versiones v10.5 anteriores a v10.5.7. Permite a atacantes remotos ejecutar código de su elección o ejecutar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de valores de tamaño manipulados en la secuencia de escape de redimensionamiento de xterm CSI[4, lo que provoca un desbordamiento de buffer de la memoria dinámica (heap). • http://dvlabs.tippingpoint.com/advisory/TPTI-09-04 http://securitytracker.com/id?1022322 http://support.apple.com/kb/HT3549 http://www.securityfocus.com/archive/1/504031/100/0/threaded http://www.securityfocus.com/bid/35182 https://exchange.xforce.ibmcloud.com/vulnerabilities/50982 • CWE-189: Numeric Errors •
CVE-2009-0943
https://notcve.org/view.php?id=CVE-2009-0943
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files. Help Viewer de Apple Mac OS X v10.4.11 y v10.5 anteriores a v10.5.7 no verifica que las rutas HTML esten localizadas en un libro de ayuda registrado, lo cual permite a atacantes remotos ejecutar código arbitrario a través de una URL help: la que desencadena la invocación de archivos AppleScript. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/35074 http://support.apple.com/kb/HT3549 http://www.securityfocus.com/bid/34926 http://www.securitytracker.com/id?1022216 http://www.us-cert.gov/cas/techalerts/TA09-133A.html http://www.vupen.com/english/advisories/2009/1297 https://exchange.xforce.ibmcloud.com/vulnerabilities/50486 • CWE-20: Improper Input Validation •
CVE-2009-0156
https://notcve.org/view.php?id=CVE-2009-0156
Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to cause a denial of service (persistent Finder crash) via a crafted Mach-O executable that triggers an out-of-bounds memory read. Launch Services en Apple Mac OS X v10.4.11 y v10.5 antes de v10.5.7 permite a atacantes remotos provocar una denegación de servicio (cuelgue persistente de Finder) a través de un ejecutable elaborado "Mach-O" que desencadena una lectura fuera de los límites de memoria. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/35074 http://support.apple.com/kb/HT3549 http://www.securityfocus.com/bid/34926 http://www.securityfocus.com/bid/34932 http://www.securitytracker.com/id?1022215 http://www.us-cert.gov/cas/techalerts/TA09-133A.html http://www.vupen.com/english/advisories/2009/1297 https://exchange.xforce.ibmcloud.com/vulnerabilities/50490 • CWE-20: Improper Input Validation •
CVE-2009-0149
https://notcve.org/view.php?id=CVE-2009-0149
Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image that triggers memory corruption. Apple Mac OS X v10.4.11 y v10.5 antes de v10.5.7 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (cuelgue de aplicación) por tratar de montar una imagen de disco (disperso) elaborado lo cual provoca la corrupción de memoria. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/35074 http://support.apple.com/kb/HT3549 http://www.securityfocus.com/bid/34926 http://www.securityfocus.com/bid/34942 http://www.securitytracker.com/id?1022217 http://www.us-cert.gov/cas/techalerts/TA09-133A.html http://www.vupen.com/english/advisories/2009/1297 https://exchange.xforce.ibmcloud.com/vulnerabilities/50484 • CWE-94: Improper Control of Generation of Code ('Code Injection') •