CVSS: 4.6EPSS: 2%CPEs: 14EXPL: 0CVE-2006-1471
https://notcve.org/view.php?id=CVE-2006-1471
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file. Vulnerabilidad de formato de cadena en la función CF_syslog launchd en Apple Mac OS X v10.4 hasta v10.4.6 permite a usuarios locales ejecutar código de su elección a través de especificadores de formato de cadena que no son manejados adecuadamente en una llamada syslog en la facilidad logging, como quedó demostrado usando un fichero plist manipulado. • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://secunia.com/advisories/20877 http://securitytracker.com/id?1016397 http://www.osvdb.org/26933 http://www.securityfocus.com/archive/1/438699/100/0/threaded http://www.securityfocus.com/bid/18686 http://www.securityfocus.com/bid/18724 http://www.vupen.com/english/advisories/2006/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/27479 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0CVE-2006-1468
https://notcve.org/view.php?id=CVE-2006-1468
Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information. Vulnerabilidad no especificada en Apple File Protocol (AFP)server en Apple Mac OS X v10.4 actualizado a v10.4.6 incluye el nombre de ficheros con restricción y directorios dentro de resultados de busqueda, lo que puede permitir a atacantes remotos obtener información sensible. • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://secunia.com/advisories/20877 http://securitytracker.com/id?1016395 http://www.osvdb.org/26930 http://www.securityfocus.com/bid/18686 http://www.securityfocus.com/bid/18733 http://www.vupen.com/english/advisories/2006/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/27477 •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 0CVE-2006-1450
https://notcve.org/view.php?id=CVE-2006-1450
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016078 http://www.osvdb.org/25594 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26419 •
CVSS: 7.5EPSS: 14%CPEs: 2EXPL: 0CVE-2006-1449
https://notcve.org/view.php?id=CVE-2006-1449
Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016078 http://www.osvdb.org/25593 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26417 •
CVSS: 7.5EPSS: 9%CPEs: 4EXPL: 0CVE-2006-1456
https://notcve.org/view.php?id=CVE-2006-1456
Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016070 http://www.osvdb.org/25600 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26424 •