CVE-2007-4688
https://notcve.org/view.php?id=CVE-2007-4688
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query. El componente de Red de Apple Mac OS X 10.4 hasta 10.4.10 permite a atacantes remotos obtener todas las direcciones de un host, incluyendo direcciones enlazadas locales, mediante una Consulta de Información de Nodo. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38472 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2007-4697
https://notcve.org/view.php?id=CVE-2007-4697
Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption. Vulnerabilidad sin especificar en el WebCore del Apple Mac OS X 10.4 hasta el 10.4.10 permite a atacantes remotos provocar una denegación de servicio (terminación de la aplicación) o ejecutar código de su elección a través de vectores desconocidos relacionados con el histórico del navegador, lo que dispara una corrupción de memoria. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018948 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38483 •
CVE-2007-4696
https://notcve.org/view.php?id=CVE-2007-4696
Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari. Condición de carrera en WebCore de Apple Mac OS X 10.4 hasta 10.4.10 permite a atacantes remotos obtener información confidencial de formularios de otros sitios mediante vectores desconocidos relativos a "transiciones de página" en Safari. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018948 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2007-4686
https://notcve.org/view.php?id=CVE-2007-4686
Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request. Un error en la propiedad signedness de enteros en la función ttioctl en el archivo bsd/kern/tty.c en el Kernel xnu en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a usuarios locales causar una denegación de servicio (apagado del sistema) o alcanzar privilegios por medio de una petición ioctl TIOCSETD diseñada. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/archive/1/483753/100/200/threaded http://www.securityfocus.com/bid/26444 http://www.trapkit.de/advisories/TKADV2007-001.txt http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xfor • CWE-189: Numeric Errors •
CVE-2007-4695
https://notcve.org/view.php?id=CVE-2007-4695
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads. Vulnerabilidad de "validación de entrada" no especificada en WebCore de Apple Mac OS X 10.4 hasta 10.4.10 permite a atacantes remotos modificar valores de campos de formulario mediante vectores desconocidos relativos a promoción de ficheros. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018948 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38482 • CWE-20: Improper Input Validation •