CVSS: 7.2EPSS: 0%CPEs: 40EXPL: 2CVE-2007-0753 – Apple Mac OSX 10.4.9 - VPND Local Format String
https://notcve.org/view.php?id=CVE-2007-0753
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter. Una vulnerabilidad de cadena de formato en el demonio VPN (vpnd) en Apple Mac OS X versiones 10.3.9 y 10.4.9 permite a los usuarios locales ejecutar código arbitrario por medio del parámetro -i. • https://www.exploit-db.com/exploits/30096 https://www.exploit-db.com/exploits/4013 http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35143 http://www.securityfocus.com/archive/1/469882/100/0/threaded http://www.securityfocus.com/archive/1/469889/100/0/threaded http://www.securityfocus.com/bid/24144 http://www.securityfocus.com/bid/2420 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-0740
https://notcve.org/view.php?id=CVE-2007-0740
Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files. El administrado de Alias en el Apple Mac OS X 10.3.9 y 10.4.9 no muestra ficheros con el mismo nombre en imágenes de disco montadas que tengan el mismo nombre, lo que permite a atacantes con la intervención del usuario pueden engañar a un usuario para que ejecute ficheros maliciosos. • http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35147 http://www.securityfocus.com/bid/24144 http://www.securitytracker.com/id?1018121 http://www.vupen.com/english/advisories/2007/1939 https://exchange.xforce.ibmcloud.com/vulnerabilities/34498 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2007-0752 – Apple Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-0752
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. El demonio PPP (pppd) en el Apple Mac OS X 10.4.8 comprueba la propiedad del descriptor del fichero stdin para determinar si el solicitante tiene suficientes privilegios, lo que permite a usuarios locales cargar extensiones de su elección y obtener privilegios de administrador evitando estas comprobaciones. • https://www.exploit-db.com/exploits/3985 http://docs.info.apple.com/article.html?artnum=305530 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35144 http://www.securityfocus.com/bid/24144 http://www.securitytracker.com/id?1018124 http://www.vupen.com/english/advisories/2007/1939 https://exchange.xforce.ibmcloud.com/vulnerabilities&#x •
CVSS: 2.1EPSS: 0%CPEs: 40EXPL: 0CVE-2007-0751
https://notcve.org/view.php?id=CVE-2007-0751
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. Una secuencia de comandos de limpieza en el crontab del Apple Mac OS X 10.3.9 y 10.4.9 puede borrar ficheros de sistemas que han sido montado en /tmp, lo que permite a usuarios locales provocar una denegación de servicio, relacionada con el comando find. • http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://www.osvdb.org/35145 http://www.securityfocus.com/bid/24144 http://www.securitytracker.com/id?1018117 http://www.vupen.com/english/advisories/2007/1939 https://exchange.xforce.ibmcloud.com/vulnerabilities/34500 •
CVSS: 9.4EPSS: 49%CPEs: 9EXPL: 1CVE-2007-2386 – Apple Mac OSX - mDNSResponder UPnP Location Overflow
https://notcve.org/view.php?id=CVE-2007-2386
Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. Desbordamiento de búfer en el mDNSResponder del Apple Mac OS X 10.4 hasta la 10.4.9 permite a atacantes remotos causar una denegación de servicio (terminación de la aplicación) o ejecutar código de su elección a través de un paquete UPnP Internet Gateway Device (IGD) manipulado. • https://www.exploit-db.com/exploits/16871 http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/25402 http://secunia.com/advisories/25745 http://www.kb.cert.org/vuls/id/221876 http://www.osvdb.org/35142 http://www.securityfocus.com/bid/24144 http://www.securityfocus.com/bid/24159 http://www&# •