CVSS: 7.1EPSS: 5%CPEs: 14EXPL: 2CVE-2007-0646 – Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String
https://notcve.org/view.php?id=CVE-2007-0646
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function. Una vulnerabilidad de cadena de formato en iMovie HD versión 6.0.3 y Safari en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a atacantes remotos asistidos por el usuario causar una denegación de servicio (bloqueo de aplicación) por medio de los especificadores de cadena de formato en un nombre de archivo, que no es manejado apropiadamente cuando llaman a la función NSRunCriticalAlertPanel de Apple AppKit. • https://www.exploit-db.com/exploits/29551 http://docs.info.apple.com/article.html?artnum=305391 http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/24966 http://secunia.com/advisories/27643 http://www.digitalmunition.com/MOAB-30-01-2007.html http://www.securityfocus.com/bid/22326 http://www.securityfocus • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.0EPSS: 95%CPEs: 12EXPL: 2CVE-2007-0464 – Apple CFNetwork - HTTP Response Denial of Service
https://notcve.org/view.php?id=CVE-2007-0464
The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference. La función _CFNetConnectionWillEnqueueRequests en CFNetwork versión 129.19 en Apple Mac OS X versión 10.4 hasta 10.4.10, permite a atacantes remotos causar una denegación de servicio (bloqueo de aplicación) por medio de una respuesta 301 HTTP diseñada, que resulta en una desreferencia del puntero NULL. • https://www.exploit-db.com/exploits/3200 http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://projects.info-pull.com/moab/MOAB-25-01-2007.html http://secunia.com/advisories/27643 http://www.osvdb.org/32704 http://www.securityfocus.com/bid/22249 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2007-0478
https://notcve.org/view.php?id=CVE-2007-0478
WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment. En WebCore en Apple Mac OS X versiones 10.3.9 y 10.4.10, tal como es usado en Safari, no analiza de forma apropiada los comentarios HTML en elementos TITLE, lo que permite a los atacantes remotos conducir ataques de tipo Cross-Site Scripting (XSS) y omitir algunos esquemas de protección XSS insertando ciertas etiquetas HTML dentro de un comentario HTML. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://osvdb.org/32712 http://secunia.com/advisories/23893 http://secunia.com/advisories/26235 http://securitytracker.com/id?1018494 http://www.beanfuzz.com/wordpress/?p=99 http://www.securityfocus.com/archive/1/457763/100/0/threaded http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2007-0430 – Apple Mac OSX 10.4.x Kernel - 'shared_region_map_file_np()' Memory Corruption
https://notcve.org/view.php?id=CVE-2007-0430
The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. La función shared_region_map_file_np en Apple Mac OS X 10.4.8 y núcleos anetriores permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) mediante un valor mappingCount grande. • https://www.exploit-db.com/exploits/3167 http://risesecurity.org/advisory.php?id=RISE-2007001.txt http://secunia.com/advisories/23823 http://securityreason.com/securityalert/2178 http://securitytracker.com/id?1017538 http://www.osvdb.org/32942 http://www.securityfocus.com/archive/1/457466/100/0/threaded http://www.vupen.com/english/advisories/2007/0275 https://exchange.xforce.ibmcloud.com/vulnerabilities/31645 •
CVSS: 6.8EPSS: 96%CPEs: 2EXPL: 2CVE-2007-0197 – Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)
https://notcve.org/view.php?id=CVE-2007-0197
Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long volume name in a DMG disk image, which results in memory corruption. Finder 10.4.6 de Apple Mac OS X 10.4.8 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio y posiblemente ejecutar código de su elección mediante un nombre de volumen largo en una imagen de disco DMG, que provoca una corrupción de memoria. • https://www.exploit-db.com/exploits/3110 http://docs.info.apple.com/article.html?artnum=305102 http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html http://projects.info-pull.com/moab/MOAB-09-01-2007.html http://secunia.com/advisories/24198 http://www.digitalmunition.com/DMA%5B2007-0109a%5D.txt http://www.kb.cert.org/vuls/id/240880 http://www.osvdb.org/32714 http://www.securityfocus.com/archive/1/456578/100/0/threaded http://www.securityfocus. • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •