NotCVE - vendor:"Apple" product:"Mac Os X Server" version:" >= 10.6.0

Page 42 of 311 results (0.010 seconds)

CVSS: 3.5EPSS: 0%CPEs: 10EXPL: 0

CVE-2010-1382

https://notcve.org/view.php?id=CVE-2010-1382

Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Wiki Server de Apple Mac OS X v10.5.8, y v10.6 anterior a v10.6.4, permite a usuarios autenticados en remotos, inyectar secuencias de comandos web de su elección o HTML a través de contenidos Wiki manipulados relacionados con la falta de un campo "charset". • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html http://secunia.com/advisories/40220 http://securitytracker.com/id?1024103 http://support.apple.com/kb/HT4188 http://www.securityfocus.com/bid/40871 http://www.vupen.com/english/advisories/2010/1481 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 3%CPEs: 8EXPL: 0

CVE-2010-1379

https://notcve.org/view.php?id=CVE-2010-1379

Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service (printing failure) by deploying a printing device that has a Unicode character in its printing-service name. La configuración de la impresora en Apple Mac OS X v10.6 antes de v10.6.4 no interpreta correctamente la codificación de caracteres, lo que permite provocar a atacantes remotos una denegación de servicio (por fallo de impresión) mediante el despliegue de un dispositivo de impresión que tiene un carácter Unicode en el nombre del servicio de impresión. • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html http://secunia.com/advisories/40220 http://securitytracker.com/id?1024103 http://support.apple.com/kb/HT4188 http://www.securityfocus.com/bid/40871 http://www.vupen.com/english/advisories/2010/1481 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

CVE-2010-0541 – Ruby WEBrick javascript injection flaw

https://notcve.org/view.php?id=CVE-2010-0541

Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el servidor HTTP WEBrick en Ruby en Apple Mac OS X v10.5.8 y v10.6 antes de v10.6.4, permite a atacantes remotos inyectar HTML o secuencias de comandos weba través de una URI debidamente modificada que desencadena una página de error UTF-7. • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html http://secunia.com/advisories/40220 http://support.apple.com/kb/HT4188 http://www.mandriva.com/security/advisories?name=MDVSA-2011:097 http://www.mandriva.com/security/advisories?name=MDVSA-2011:098 http://www.redhat.com/support/errata/RHSA-2011-0908.html http://www.redhat.com/support/errata/RHSA-2011-0909.html http://www.securityfocus.com/bid/40871 http://www.securityfocus.com/bid/40895 http:// • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 0

CVE-2010-1380

https://notcve.org/view.php?id=CVE-2010-1380

Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes. Un desbordamiento de entero en el filtro de impresion CUPS cgtexttops en Apple Mac OS X v10.6 antes de v10.6.4 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por caída de la aplicación) a través de vectores relacionados con el tamaño de página a imprimir. • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html http://secunia.com/advisories/40220 http://securitytracker.com/id?1024103 http://support.apple.com/kb/HT4188 http://www.securityfocus.com/bid/40871 http://www.vupen.com/english/advisories/2010/1481 • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 4%CPEs: 74EXPL: 0

CVE-2010-1774

https://notcve.org/view.php?id=CVE-2010-1774

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. Webkit en Apple Safari anterior a v5.0 en MAc OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, accede a la memoria fuera de rango durante el prcesamiento de talas HTML, lo cuál permite a atacantes remotos ejecutar código a su elección o causar una denegación del servicio (caída de aplicación) a través de documentos HTML manipulados. • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/40105 http://secunia.com/advisories/40196 http://secunia.com/advisories/41856 http://secunia.com/advisories/43068 http://securitytracker.com/id?1024067 http://supp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...40 41 42 43 44