Page 427 of 2650 results (0.012 seconds)

CVSS: 9.3EPSS: 5%CPEs: 5EXPL: 0

CVE-2008-1034

https://notcve.org/view.php?id=CVE-2008-1034

Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow. Un desbordamiento de enteros en Help Viewer en Apple Mac OS X versiones anteriores a 10.5, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de una URL help:topic que desencadena un desbordamiento de búfer. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020138 http://www.kb.cert.org/vuls/id/566875 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29483 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42716 • CWE-189: Numeric Errors •

CVSS: 4.3EPSS: 1%CPEs: 9EXPL: 0

CVE-2008-1036 – ICU: Invalid character sequences omission during conversion of some character encodings (XSS attack possible)

https://notcve.org/view.php?id=CVE-2008-1036

The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. La biblioteca International Components for Unicode (ICU) en Apple Mac OS X versiones anteriores a 10.5.3, Red Hat Enterprise Linux versión 5 y otros sistemas operativos, omite algunas secuencias de caracteres no válidas durante la conversión de algunas codificaciones de caracteres, lo que podría permitir a los atacantes remotos conducir ataques de tipo cross-site scripting (XSS). • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://secunia.com/advisories/34290 http://secunia.com/advisories/34777 http://securitytracker.com/id?1020139 http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0064 http://www.debian.org/security/2009/dsa-1762 http://www.redhat.com/support/errata/RHSA-2009-0296.html http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29488 http://www.ubuntu • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-1571

https://notcve.org/view.php?id=CVE-2008-1571

Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. Una vulnerabilidad de salto de directorio en el servidor web incorporado en Image Capture en Apple Mac OS X versiones anteriores a 10.5, permite a los atacantes remotos leer archivos arbitrarios por medio de secuencias de salto de directorio en el URI. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020141 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29501 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42718 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.1EPSS: 1%CPEs: 8EXPL: 0

CVE-2008-1573

https://notcve.org/view.php?id=CVE-2008-1573

The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read. El motor de decodificación de imágenes BMP y GIF en ImageIO en Apple Mac OS X versiones anteriores a 10.5.3, permite a los atacantes remotos obtener información confidencial (contenido de memoria) por medio de una imagen (1) BMP o (2) GIF diseñada, lo que causa una lectura fuera de límites. • http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://secunia.com/advisories/30775 http://securitytracker.com/id?1020144 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29513 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/adviso • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 3%CPEs: 8EXPL: 0

CVE-2008-1574

https://notcve.org/view.php?id=CVE-2008-1574

Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow. Un desbordamiento de enteros en ImageIO en Apple Mac OS X versiones anteriores a 10.5.3, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de una imagen JPEG2000 diseñada que desencadena un desbordamiento de búfer en la región heap de la memoria. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020144 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29514 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42722 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •