Page 45 of 229 results (0.012 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. • http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0265.html http://docs.info.apple.com/article.html?artnum=301714 http://lists.apple.com/archives/quartzcomposer-dev/2005/May/msg00250.html http://lists.apple.com/archives/quartzcomposer-dev/2005/May/msg00263.html http://lists.apple.com/archives/security-announce/2005/May/msg00006.html http://remahl.se/david/vuln/018 http://secunia.com/advisories/15307 http://securitytracker.com/id?1013961 http://www.osvdb.org/16376 http:&# •

CVSS: 7.5EPSS: 0%CPEs: 35EXPL: 0

AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •

CVSS: 5.0EPSS: 0%CPEs: 35EXPL: 0

AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11322 •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. • http://lists.apple.com/archives/security-announce/2004/Oct/msg00001.html •

CVSS: 5.1EPSS: 6%CPEs: 1EXPL: 0

Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow. Desbordamiento de enteros en Apple QuickTime (QuickTime.qts) anteriores a 6.5.1 permite a atacantes ejecutar código de se elección mediante un "número de entradas" grande en la tabla de datos sample-to-chunk de un fichero de película .mov, lo que lleva un desbordamiento de búfer basado en el montón. • http://lists.apple.com/mhonarc/security-announce/msg00048.html http://marc.info/?l=bugtraq&m=108360110618389&w=2 http://marc.info/?l=ntbugtraq&m=108356485013237&w=2 http://www.kb.cert.org/vuls/id/782958 https://exchange.xforce.ibmcloud.com/vulnerabilities/16026 •