Page 418 of 2935 results (0.012 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2010-1378

https://notcve.org/view.php?id=CVE-2010-1378

OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority. OpenSSL en Apple Mac OS X v10.6.x anterior a v10.6.5 no realiza apropiadamente operaciones aritméticas, que permite a atacantes remotos evitar certificados autenticados X.509 a través de un certificado de su elección emitido por una Autoridad de Certificación legítima. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 • CWE-295: Improper Certificate Validation •

CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0

CVE-2010-1841

https://notcve.org/view.php?id=CVE-2010-1841

Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image. Imágenes en disco en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria y bloqueo de la aplicación) a través de un imagen UDIF manipulada. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securityfocus.com/bid/44815 http://www.securitytracker.com/id?1024723 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 2%CPEs: 10EXPL: 0

CVE-2010-3786

https://notcve.org/view.php?id=CVE-2010-3786

QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file. QuickLook en Apple Mac OS X v10.6.x anterior a v10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servivio (corrupción de memoria y caída de la aplicación) a través de un archivo Excel manipulado. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://secunia.com/advisories/42314 http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4456 http://support.apple.com/kb/HT5004 http://www.securitytracker.com/id?1024723 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 13%CPEs: 12EXPL: 1

CVE-2010-1840 – Apple Directory Services - Memory Corruption

https://notcve.org/view.php?id=CVE-2010-1840

Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Desbordamiento de búfer basado en pila en la funcionalidad de validación del password en el Directory Services en Apple Mac OS X v.10.5.8 and v.10.6.x anterior a v.10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados. • https://www.exploit-db.com/exploits/15491 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 1

CVE-2010-4008 – libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis

https://notcve.org/view.php?id=CVE-2010-4008

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. libxml2 anterior v2.7.8, como el usado en Google Chrome anterior v7.0.517.44, Apple Safari v5.0.2 y anteriores, otros productos, ree desde localizaciones de memoria inválidas durante el procesado de expresiones XPath malformadas, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (caída aplicación) a través de un documento XML. • http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari http://code.google.com/p/chromium/issues/detail?id=58731 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •