CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 0CVE-2007-0747
https://notcve.org/view.php?id=CVE-2007-0747
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables. load_webdav en Apple Mac OS X 10.3.9 hasta la 10.4.9 no limpia de forma adecuada el marco cuando esta montado el sitema de archivos WebDAV, lo cual permite a usuarios locales ganar privilegios a través de la configuración de variables de entorno no especificadas. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.kb.cert.org/vuls/id/474969 http://www.osvdb.org/34871 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •
CVSS: 4.6EPSS: 0%CPEs: 10EXPL: 0CVE-2007-0738
https://notcve.org/view.php?id=CVE-2007-0738
The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication controls. La ventana de inicio de sesión en Apple Mac OS X 10.4 hasta 10.4.9 no muestra diálogo de autenticación del salva pantallas en ciertas circunstancias al "despertarse", aún cuando la opción "requerir contraseña al despertar" está habilitada, lo cual permite a usuarios locales evitar el control de autenticación. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34863 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017939 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •
CVSS: 9.3EPSS: 3%CPEs: 22EXPL: 0CVE-2007-0736
https://notcve.org/view.php?id=CVE-2007-0736
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. Desbordamiento de entero en la librería RPC de Libinfo en Apple Mac OS X 10.3.9 hasta 10.4.9 permite a atacantes remotos ejecutar código de su elección mediante peticiones manipuladas a portmap. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34861 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 https://exchange.xforce.ibmcloud.com/vulnerabilities/33782 •
CVSS: 7.5EPSS: 5%CPEs: 11EXPL: 0CVE-2007-0741
https://notcve.org/view.php?id=CVE-2007-0741
Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets. Desbordamiento de búfer en natd en network_cmds en Apple Mac OS X 10.3.9 hasta 10.4.9, cuando Internet Sharing está activado, permite a atacantes remotos ejecutar código de su elección a través de paquetes RTSP mal formados. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34865 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •
CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0CVE-2007-0743
https://notcve.org/view.php?id=CVE-2007-0743
URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username and password credentials for mounting filesystems on SMB servers as command line arguments to the mount_sub command, which may allow local users to obtain sensitive information by listing the process. URLMount en Apple Mac OS X 10.3.9 hasta la 10.4.9 aprueba los credenciales de nombre y contraseña para montar un sistema de ficheros sobre servidores SMB como argumento de linea de comando en el comando mount_sub, lo caul podría permitir a usuarios locales obtener información sensible listando los procesos. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34867 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •