CVSS: 6.8EPSS: 1%CPEs: 16EXPL: 0CVE-2011-0208
https://notcve.org/view.php?id=CVE-2011-0208
QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document. QuickLook para Apple Mac OS X v10.6 antes de v10.6.8 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un documento de Microsoft Office hecho a mano. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://support.apple.com/kb/HT4723 http://support.apple.com/kb/HT4999 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 18EXPL: 0CVE-2011-0209 – Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0209
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file. Desbordamiento de entero en QuickTime para Apple Mac OS X antes de v10.6.8 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por caída de aplicación) a través de un archivo WAV RIFF hecho a mano. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a specially formatted RIFF WAV file. When parsing a fmt chunk within the file, the application will use a 32-bit field to calculate the size of a buffer to allocate. • http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://support.apple.com/kb/HT4723 • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0CVE-2011-0207
https://notcve.org/view.php?id=CVE-2011-0207
The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network. El componente MobileMe en Apple Mac OS X antes de v10.6.8 utiliza una sesión de HTTP sin cifrar para la aplicación Mail para leer aliases de correo electrónico, lo que permite a atacantes remotos obtener información de alias potencialmente sensible "esnifando" la red. • http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://support.apple.com/kb/HT4723 http://www.securityfocus.com/bid/48444 • CWE-310: Cryptographic Issues •
CVSS: 3.3EPSS: 0%CPEs: 16EXPL: 0CVE-2009-5044
https://notcve.org/view.php?id=CVE-2009-5044
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. contrib/pdfmark/pdfroff.sh en GNU troff (también conocido como groff) antes de v1.21 permite sobreescribir ficheros de su elección a los usuarios locales a través de un ataque de enlace simbólico sobre un fichero temporal pdf#####.tmp . • ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330 http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1%3Br2=1.2%3Bf=h http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://openwall.com/lists/oss-security/2009/08/09/1 http://ope • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-0196
https://notcve.org/view.php?id=CVE-2011-0196
AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network. AirPort para Apple Mac OS X antes de v10.5.8 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites leer y posterior reinicio) a través de marcos (frames) Wi-Fi en la red inalámbrica local. • http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html http://support.apple.com/kb/HT4723 • CWE-399: Resource Management Errors •