Page 430 of 2317 results (0.014 seconds)

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 2

crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/. crashdump en Apple Mac OS X 10.4.8 permite a usuarios locales del grupo admin modificar ficheros de su elección o ganar privilegios a través de ataque de enlaces simbólicos sobre logs de aplicación en /Library/Logs/CrashReporter/. Month of Apple Bugs - crashdump follows symlinks within the /Library/Logs/CrashReporter/ directory, allowing admin-group users to execute arbitrary code and overwrite files with elevated privileges. In couple with a specially crafted Mach-O binary, this can be used to write a malicious crontab entry, which will run with root privileges. This ruby code demonstrates this vulnerability. • https://www.exploit-db.com/exploits/3219 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://projects.info-pull.com/moab/MOAB-28-01-2007.html http://secunia.com/advisories/24479 http://www.kb.cert.org/vuls/id/363112 http://www.osvdb.org/32706 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007& •

CVSS: 5.0EPSS: 95%CPEs: 12EXPL: 2

The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference. La función _CFNetConnectionWillEnqueueRequests en CFNetwork versión 129.19 en Apple Mac OS X versión 10.4 hasta 10.4.10, permite a atacantes remotos causar una denegación de servicio (bloqueo de aplicación) por medio de una respuesta 301 HTTP diseñada, que resulta en una desreferencia del puntero NULL. • https://www.exploit-db.com/exploits/3200 http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://projects.info-pull.com/moab/MOAB-25-01-2007.html http://secunia.com/advisories/27643 http://www.osvdb.org/32704 http://www.securityfocus.com/bid/22249 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment. En WebCore en Apple Mac OS X versiones 10.3.9 y 10.4.10, tal como es usado en Safari, no analiza de forma apropiada los comentarios HTML en elementos TITLE, lo que permite a los atacantes remotos conducir ataques de tipo Cross-Site Scripting (XSS) y omitir algunos esquemas de protección XSS insertando ciertas etiquetas HTML dentro de un comentario HTML. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://osvdb.org/32712 http://secunia.com/advisories/23893 http://secunia.com/advisories/26235 http://securitytracker.com/id?1018494 http://www.beanfuzz.com/wordpress/?p=99 http://www.securityfocus.com/archive/1/457763/100/0/threaded http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 87%CPEs: 2EXPL: 1

The _GetSrcBits32ARGB function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT image with a malformed Alpha RGB (ARGB) record, which triggers memory corruption. La función _GetSrcBits32ARGB en App Apple QuickDraw, tal y como lo usa Quicktime 7.1.3 y otras aplicaciones en Mac OS X 10.4.8 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código de su elección mediante una imagen PICT manipulada con un registro Alpha RGB (ARGB) mal formado, que dispara corrupción de memoria. • https://www.exploit-db.com/exploits/29509 http://projects.info-pull.com/moab/MOAB-23-01-2007.html http://secunia.com/advisories/23859 http://www.osvdb.org/32696 http://www.securityfocus.com/bid/22207 http://www.vupen.com/english/advisories/2007/0337 https://exchange.xforce.ibmcloud.com/vulnerabilities/31698 •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 2

The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, when used in combination with diskutil, allows local users to gain privileges via a malicious InputManager in Library/InputManagers in a user's home directory, which is executed when Cocoa applications attempt to notify the user. La función CFUserNotificationSendRequest en UserNotificationCenter.app de Apple Mac OS X 10.4.8, al ser usado en combinación con diskutil, permite a usuarios locales obtener privilegios mediante mediante un manejador de entrada (InputManager) en Library/InputManagers en el directorio raíz del usuario, el cual es ejecutado cuando aplicaciones Cocoa intentan notificar el usuario. • https://www.exploit-db.com/exploits/3181 http://docs.info.apple.com/article.html?artnum=305102 http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html http://projects.info-pull.com/moab/MOAB-22-01-2007.html http://secunia.com/advisories/23846 http://secunia.com/advisories/24198 http://securitytracker.com/id?1017542 http://www.kb.cert.org/vuls/id/315856 http://www.osvdb.org/32695 http://www.securityfocus.com/bid/22188 http://www.us-cert.gov/ •