CVE-2008-4224
https://notcve.org/view.php?id=CVE-2008-4224
UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file. UDF en Apple Mac OS X anterior a v10.5.6, permite a atacantes asistidos por el usuario local provocar una denegación del servicio (caída del sistema) a través de un volumen UDF mal formado en un fichero ISO manipulado. • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://secunia.com/advisories/33179 http://support.apple.com/kb/HT3338 http://www.securityfocus.com/bid/32839 http://www.securityfocus.com/bid/32872 http://www.securitytracker.com/id?1021410 http://www.us-cert.gov/cas/techalerts/TA08-350A.html http://www.vupen.com/english/advisories/2008/3444 • CWE-20: Improper Input Validation •
CVE-2008-4220
https://notcve.org/view.php?id=CVE-2008-4220
Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the WLB-2008080064 advisory published by SecurityReason on 20080822; however, as of 20081216, there are insufficient details to be sure. Desbordamiento de entero en el API inet_net_pton de Libsystem de Apple Mac OS X anterior a v10.5.6, permite a atacantes dependientes del contexto ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados. NOTA: Puede que esté relacionado con el aviso WLB-2008080064 publicado por SecurityReason el 22-08-2008; sin embargo a 16-12-2008 no hay suficientes detalles para confirmarlo. • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://secunia.com/advisories/33179 http://support.apple.com/kb/HT3338 http://www.securityfocus.com/bid/32839 http://www.securityfocus.com/bid/32877 http://www.securitytracker.com/id?1021406 http://www.us-cert.gov/cas/techalerts/TA08-350A.html http://www.vupen.com/english/advisories/2008/3444 • CWE-189: Numeric Errors •
CVE-2008-4237
https://notcve.org/view.php?id=CVE-2008-4237
Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting. Managed Client en Apple Mac OS X anterior a v10.5.6 a veces no identifica los parámetros de configuración de un sistema cuando instala a través de un cliente, lo que permite a atacantes dependientes del contexto producir un impacto inespecifico mediante la utilización involuntaria de parámetros, como se demuestra en el parámetro de bloqueo del salvapantallas. • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://secunia.com/advisories/33179 http://support.apple.com/kb/HT3338 http://www.securityfocus.com/bid/32839 http://www.securityfocus.com/bid/32880 http://www.securitytracker.com/id?1021407 http://www.us-cert.gov/cas/techalerts/TA08-350A.html http://www.vupen.com/english/advisories/2008/3444 •
CVE-2008-5183 – CUPS 1.3.7 - Cross-Site Request Forgery (Add RSS Subscription) Remote Crash
https://notcve.org/view.php?id=CVE-2008-5183
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184. cupsd en CUPS versión 1.3.9 y anteriores, permite a los usuarios locales, y posiblemente atacantes remotos, causar una denegación de servicio (bloqueo del demonio) mediante la adición de un gran número de Suscripciones RSS, que desencadena una desreferencia de puntero NULL. NOTA: este problema puede ser desencadenado remotamente mediante el aprovechamiento de CVE-2008-5184. • https://www.exploit-db.com/exploits/7150 http://lab.gnucitizen.org/projects/cups-0day http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/33937 http://secunia.com/advisories/43521 http://support.apple.com/kb/HT3438 http://www.debian.org/security/2011/dsa-2176 http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups http://www.mandriva.com/security/adviso • CWE-476: NULL Pointer Dereference •
CVE-2008-3529 – Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
https://notcve.org/view.php?id=CVE-2008-3529
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. Desbordamiento de búfer basado en pila en la función xmlParseAttValueComplex en el módulo parser.c de libxml2 versiones anteriores a 2.7.0 permite a atacantes dependientes del contexto provocar una denegación de servicio (parada inesperada) o la posibilidad de ejecutar código de su elección al utilizar un nombre largo de entidad XML. • https://www.exploit-db.com/exploits/8798 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/May/msg00000.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://secunia.com/advisories/31558 http://secunia.com/advisories/31855 http://secunia.com/advisories/31860 http://secunia.com/advisories/31868 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •