CVE-2007-2406
https://notcve.org/view.php?id=CVE-2007-2406
Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35737 •
CVE-2007-3828
https://notcve.org/view.php?id=CVE-2007-3828
Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386. • http://infosecsellout.blogspot.com/2007/07/oh-look-apple-worm.html http://www.securityfocus.com/bid/24924 http://www.securitytracker.com/id?1018399 •
CVE-2007-3798 – tcpdump - Print-bgp.C Remote Integer Underflow
https://notcve.org/view.php?id=CVE-2007-3798
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. • https://www.exploit-db.com/exploits/30319 http://bugs.gentoo.org/show_bug.cgi?id=184815 http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2.12 http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/26135 http://secunia.com/advisories/26168 http://secunia.com/advisories/26223 http://secunia.com/advisories/26231 http://secunia.com • CWE-190: Integer Overflow or Wraparound CWE-252: Unchecked Return Value •
CVE-2007-2392
https://notcve.org/view.php?id=CVE-2007-2392
Apple QuickTime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption. • http://docs.info.apple.com/article.html?artnum=305947 http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html http://osvdb.org/36136 http://secunia.com/advisories/26034 http://www.kb.cert.org/vuls/id/582681 http://www.securityfocus.com/bid/24873 http://www.securitytracker.com/id?1018373 http://www.us-cert.gov/cas/techalerts/TA07-193A.html http://www.vupen.com/english/advisories/2007/2510 https://exchange.xforce.ibmcloud.com/vulnerabilities/35353 •
CVE-2007-2394 – Apple QuickTime < 7.2 - SMIL Remote Integer Overflow
https://notcve.org/view.php?id=CVE-2007-2394
Integer overflow in Apple QuickTime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file, related to improper calculations for memory allocation. • https://www.exploit-db.com/exploits/4359 https://www.exploit-db.com/exploits/30292 http://docs.info.apple.com/article.html?artnum=305947 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=556 http://lists.apple.com/archives/Security-announce/2007/Jul/msg00001.html http://osvdb.org/36134 http://secunia.com/advisories/26034 http://www.securityfocus.com/archive/1/473882/100/100/threaded http://www.securityfocus.com/bid/24873 http://www.securitytracker.com/id?1 •