CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0CVE-2010-1828
https://notcve.org/view.php?id=CVE-2010-1828
AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon restart) via crafted reconnect authentication packets. AFP Server en Apple Mac OS X v10.5.8 y v10.6.x antes de v10.6.5 permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero NULO y consecuente reinicio del demonio) a través de paquetes modificados a mano de autenticación de reconexión. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2010-1837
https://notcve.org/view.php?id=CVE-2010-1837
CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a PDF document. CoreText en Apple Mac OS X v10.5.8 y v10.6.x antes de v10.6.5 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (por corrupción de memoria) a través de una fuente hecha a mano en un documento PDF. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securityfocus.com/bid/44808 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.0EPSS: 0%CPEs: 12EXPL: 0CVE-2010-1829
https://notcve.org/view.php?id=CVE-2010-1829
Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share. Vulnerabilidad de salto de directorio en AFP Server en Apple Mac OS X v10.5.8 y v10.6.x anterior a v10.6.5 que permite a usuarios autenticados de forma remota ejecutar código de su elección si se crean ficheros que están fuera del rango compartido. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 2%CPEs: 10EXPL: 0CVE-2010-3786
https://notcve.org/view.php?id=CVE-2010-3786
QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file. QuickLook en Apple Mac OS X v10.6.x anterior a v10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servivio (corrupción de memoria y caída de la aplicación) a través de un archivo Excel manipulado. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=881 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00006.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://secunia.com/advisories/42314 http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4456 http://support.apple.com/kb/HT5004 http://www.securitytracker.com/id?1024723 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 13%CPEs: 12EXPL: 1CVE-2010-1840 – Apple Directory Services - Memory Corruption
https://notcve.org/view.php?id=CVE-2010-1840
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Desbordamiento de búfer basado en pila en la funcionalidad de validación del password en el Directory Services en Apple Mac OS X v.10.5.8 and v.10.6.x anterior a v.10.6.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados. • https://www.exploit-db.com/exploits/15491 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://support.apple.com/kb/HT4435 http://www.securitytracker.com/id?1024723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •