CVE-2007-0197 – Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)
https://notcve.org/view.php?id=CVE-2007-0197
Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long volume name in a DMG disk image, which results in memory corruption.
• https://www.exploit-db.com/exploits/3110 http://docs.info.apple.com/article.html?artnum=305102 http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html http://projects.info-pull.com/moab/MOAB-09-01-2007.html http://secunia.com/advisories/24198 http://www.digitalmunition.com/DMA%5B2007-0109a%5D.txt http://www.kb.cert.org/vuls/id/240880 http://www.osvdb.org/32714 http://www.securityfocus.com/archive/1/456578/100/0/threaded http://www.securityfocus.
• CWE-20: Improper Input Validation; CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer; CWE-399: Resource Management Errors
CVE-2007-0117 – Apple Mac OSX 10.4.8 - DiskManagement BOM 'cron' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-0117
DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation.
• https://www.exploit-db.com/exploits/3088 https://www.exploit-db.com/exploits/3087 http://osvdb.org/31167 http://projects.info-pull.com/moab/MOAB-05-01-2007.html http://secunia.com/advisories/23653 http://www.securityfocus.com/bid/21899 http://www.vupen.com/english/advisories/2007/0074
CVE-2006-6906
https://notcve.org/view.php?id=CVE-2006-6906
Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900.
• http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf http://osvdb.org/36836 http://www.securityfocus.com/archive/1/455889/100/0/threaded
CVE-2006-6652 – NetBSD - 'FTPd / Tnftpd' Remote Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-6652
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
• https://www.exploit-db.com/exploits/2874 https://www.exploit-db.com/exploits/29204 http://docs.info.apple.com/article.html?artnum=305391 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-027.txt.asc http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html http://secunia.com/advisories/23178 http://secunia.com/advisories/24966 http://securitytracker.com/id?1017386 http:/
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-5681
https://notcve.org/view.php?id=CVE-2006-5681
QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.
• http://docs.info.apple.com/article.html?artnum=304916 http://lists.apple.com/archives/Security-announce/2006/Dec/msg00000.html http://secunia.com/advisories/23438 http://securitytracker.com/id?1017402 http://www.osvdb.org/32380 http://www.securityfocus.com/bid/21672 http://www.vupen.com/english/advisories/2006/5072