CVE-2006-4412
https://notcve.org/view.php?id=CVE-2006-4412
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects. WebKit de Apple Mac OS X 10.3.x hasta 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos ejecutar código de su elección mediante un archivo HTML manipulado, que accede a objetos previamente liberados (deallocated). • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017304 http://www.kb.cert.org/vuls/id/848960 http://www.osvdb.org/30726 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 https://exchange.xforce.ibmcloud.com/vulnerabilities/30645 •
CVE-2006-4411
https://notcve.org/view.php?id=CVE-2006-4411
The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors. El servicio VPN de Apple Mac OS X 10.3.x hasta 10.3.9 y 10.4.x hasta 10.4.8 no limpia adecuadamente el entorno cuando ejecuta comandos, lo cual permite a usuarios locales ganar privilegios mediante vectores no especificados. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017304 http://www.osvdb.org/30727 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVE-2006-4398
https://notcve.org/view.php?id=CVE-2006-4398
Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests. Múltiples desbordamientos de búfer en el servidor Apple Type Services (ATS) en Mac OS X 10.4 hasta 10.4.8 permite a usuarios locales ejecutar código de su elección mediante peticiones de servicio artesanales. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017301 http://www.kb.cert.org/vuls/id/800296 http://www.osvdb.org/30738 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVE-2006-6173 – Apple Mac OSX 10.4.x - 'Shared_Region_Make_Private_Np' Kernel Function Local Memory Corruption
https://notcve.org/view.php?id=CVE-2006-6173
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number of ranges in the shared_region_make_private_np_args parameter. Desbordamiento de búfer en la función shared_region_make_private_np de vm/vm_unix.c de Mac OS X 10.4.6 y versiones anteriores permite a usuarios locales ejecutar código de su elección mediante (1) un contador de rango pequeño, que provoca insuficiencia de reserva de memoria, ó (2) un gran número de rangos en el parámetro shared_region_make_private_np_args. • https://www.exploit-db.com/exploits/29201 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://projects.info-pull.com/mokb/MOKB-28-11-2006.html http://secunia.com/advisories/23120 http://secunia.com/advisories/24479 http://securitytracker.com/id?1017306 http://www.securityfocus.com/bid/21349 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http:& •
CVE-2006-4401
https://notcve.org/view.php?id=CVE-2006-4401
Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI. Vulnerabilidad no especificada en CFNetwork en Mac OS 10.4.8 y versiones anteriores permite a atacantes remotos con la intervención del usuario ejecutar comandos FTP de su elección mediante una URI FTP manipulada. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017302 http://www.kb.cert.org/vuls/id/681056 http://www.osvdb.org/30736 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •