CVSS: 5.0EPSS: 6%CPEs: 4EXPL: 0CVE-2006-3496
https://notcve.org/view.php?id=CVE-2006-3496
AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition. AFP Server en Apple Mac OS X 10.3.9 y 10.4.7 permite a atacantes remotos provocar denegación de servicio (caida) a través de respuestas no válidas AFP que disparan una condición de error no válida. • http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://secunia.com/advisories/21253 http://securitytracker.com/id?1016620 http://www.kb.cert.org/vuls/id/180692 http://www.osvdb.org/27733 http://www.securityfocus.com/bid/19289 http://www.us-cert.gov/cas/techalerts/TA06-214A.html http://www.vupen.com/english/advisories/2006/3101 https://exchange.xforce.ibmcloud.com/vulnerabilities/28137 •
CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 3CVE-2006-3946
https://notcve.org/view.php?id=CVE-2006-3946
WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag. WebCore en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.7 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante HTML artesanal que provoca un "error de gestión de memoria" en WebKit, posiblemente debido a un desbordamiento de buffer, como fue originalmente reportado para la función KHTMLParser::popOneBlock en Apple Safari 2.0.4 usando Javascript que cambia document.body.innerHTML dentro de una etiqueta DIV. • http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html http://secunia.com/advisories/21271 http://secunia.com/advisories/22187 http://securitytracker.com/id?1016957 http://www.osvdb.org/27534 http://www.securityfocus.com/bid/19250 http://www.vupen.com/english/advisories/2006/3069 http://www.vupen.com/english/advisories/2006/3852 https://exchange.xforce.ibmcloud.com/vulnerabilities/28081 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3356
https://notcve.org/view.php?id=CVE-2006-3356
The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469. La función TIFFFetchAnyArray en ImageIO de Apple OS X 10.4.7 y versiones anteriores permiten al atacantes con la intervención del usuario causar una denegación de servicios (caída de la aplicación)a través de un valor de etiqueta inválido en una imagen TIFF, posiblemente lanzando una referencia nula. NOTA: Asunto diferente a CVE-2006-1469. • http://www.security-protocols.com/sp-x31-advisory.php http://www.vupen.com/english/advisories/2006/2606 https://exchange.xforce.ibmcloud.com/vulnerabilities/27482 •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2006-1469
https://notcve.org/view.php?id=CVE-2006-1469
Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. Desbordamiento de búfer basado en pila en ImageIO de Apple Mac OS X v10.4 hasta la v10.4.6 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a través de una imagen TIFF modificada. • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://secunia.com/advisories/20877 http://securitytracker.com/id?1016394 http://www.kb.cert.org/vuls/id/988356 http://www.osvdb.org/26931 http://www.securityfocus.com/bid/18686 http://www.securityfocus.com/bid/18731 http://www.vupen.com/english/advisories/2006/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/27478 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 10%CPEs: 14EXPL: 3CVE-2006-1470 – Apple Mac OSX 10.4.x - OpenLDAP Denial of Service
https://notcve.org/view.php?id=CVE-2006-1470
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. OpenLDAP en Apple Mac OS X v10.4 up a v10.4.6 permite a atacantes remotos causar una denegación de servicio (caída) a través de una petición LDAP no válida que lanza un error assert. • https://www.exploit-db.com/exploits/28135 http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://secunia.com/advisories/20877 http://securitytracker.com/id?1016396 http://www.kb.cert.org/vuls/id/652196 http://www.osvdb.org/26932 http://www.securityfocus.com/bid/18686 http://www.securityfocus.com/bid/18728 http://www.vupen.com/english/advisories/2006/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/27480 • CWE-399: Resource Management Errors •