CVSS: 7.1EPSS: 5%CPEs: 14EXPL: 2CVE-2007-0646 – Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String
https://notcve.org/view.php?id=CVE-2007-0646
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function. Una vulnerabilidad de cadena de formato en iMovie HD versión 6.0.3 y Safari en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a atacantes remotos asistidos por el usuario causar una denegación de servicio (bloqueo de aplicación) por medio de los especificadores de cadena de formato en un nombre de archivo, que no es manejado apropiadamente cuando llaman a la función NSRunCriticalAlertPanel de Apple AppKit. • https://www.exploit-db.com/exploits/29551 http://docs.info.apple.com/article.html?artnum=305391 http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/24966 http://secunia.com/advisories/27643 http://www.digitalmunition.com/MOAB-30-01-2007.html http://www.securityfocus.com/bid/22326 http://www.securityfocus • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.0EPSS: 95%CPEs: 12EXPL: 2CVE-2007-0464 – Apple CFNetwork - HTTP Response Denial of Service
https://notcve.org/view.php?id=CVE-2007-0464
The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference. La función _CFNetConnectionWillEnqueueRequests en CFNetwork versión 129.19 en Apple Mac OS X versión 10.4 hasta 10.4.10, permite a atacantes remotos causar una denegación de servicio (bloqueo de aplicación) por medio de una respuesta 301 HTTP diseñada, que resulta en una desreferencia del puntero NULL. • https://www.exploit-db.com/exploits/3200 http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://projects.info-pull.com/moab/MOAB-25-01-2007.html http://secunia.com/advisories/27643 http://www.osvdb.org/32704 http://www.securityfocus.com/bid/22249 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2007-0478
https://notcve.org/view.php?id=CVE-2007-0478
WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment. En WebCore en Apple Mac OS X versiones 10.3.9 y 10.4.10, tal como es usado en Safari, no analiza de forma apropiada los comentarios HTML en elementos TITLE, lo que permite a los atacantes remotos conducir ataques de tipo Cross-Site Scripting (XSS) y omitir algunos esquemas de protección XSS insertando ciertas etiquetas HTML dentro de un comentario HTML. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://osvdb.org/32712 http://secunia.com/advisories/23893 http://secunia.com/advisories/26235 http://securitytracker.com/id?1018494 http://www.beanfuzz.com/wordpress/?p=99 http://www.securityfocus.com/archive/1/457763/100/0/threaded http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0430 – Apple Mac OSX 10.4.x Kernel - 'shared_region_map_file_np()' Memory Corruption
https://notcve.org/view.php?id=CVE-2007-0430
The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. La función shared_region_map_file_np en Apple Mac OS X 10.4.8 y núcleos anetriores permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) mediante un valor mappingCount grande. • https://www.exploit-db.com/exploits/3167 http://risesecurity.org/advisory.php?id=RISE-2007001.txt http://secunia.com/advisories/23823 http://securityreason.com/securityalert/2178 http://securitytracker.com/id?1017538 http://www.osvdb.org/32942 http://www.securityfocus.com/archive/1/457466/100/0/threaded http://www.vupen.com/english/advisories/2007/0275 https://exchange.xforce.ibmcloud.com/vulnerabilities/31645 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6900
https://notcve.org/view.php?id=CVE-2006-6900
Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack vectors, related to an "implementation bug." Vulnerabilidad no sepecificada en la pila Bluetooth en Apple Mac OS 10.4 tiene impacto y vectores de ataque desconocidos, relacionados con un "bug de implementación". • http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf http://osvdb.org/37608 http://www.securityfocus.com/archive/1/455889/100/0/threaded •