CVSS: 2.6EPSS: 0%CPEs: 18EXPL: 0CVE-2006-5681
https://notcve.org/view.php?id=CVE-2006-5681
QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects. QuickTime para Java en Mac OS X 10.4 hasta 10.4.8, cuando es usado con Quartz Composer, permite a atacantes remotos obtener información sensible (imágenes de la pantalla) mediante un applet de Java que accede a imágenes que han sido renderizadas por otros objetos QuickTime empotrados. • http://docs.info.apple.com/article.html?artnum=304916 http://lists.apple.com/archives/Security-announce/2006/Dec/msg00000.html http://secunia.com/advisories/23438 http://securitytracker.com/id?1017402 http://www.osvdb.org/32380 http://www.securityfocus.com/bid/21672 http://www.vupen.com/english/advisories/2006/5072 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1CVE-2006-6353
https://notcve.org/view.php?id=CVE-2006-6353
Multiple unspecified vulnerabilities in BOMArchiveHelper in Mac OS X allow user-assisted remote attackers to cause a denial of service (application crash) via unspecified vectors related to (1) certain KERN_PROTECTION_FAILURE thread crashes and (2) certain KERN_INVALID_ADDRESS thread crashes, as discovered with the "iSec Partners FileP fuzzer". Múltiples vulnerabilidades no especificadas en BOMArchiveHelper de Mac OS X permiten a atacantes remotos con la intervención del usuario provocar una denegación de servicio (caída de la aplicación) mediante vectores relacionados con ciertas caídas de hilos (1) KERN_PROTECTION_FAILURE y (2) KERN_INVALID_ADDRESS, como ha sido descubierto con el "iSec Partners FileP fuzzer". • http://security-protocols.com/2006/12/04/bomarchivehelper-needs-some-lovin http://www.securityfocus.com/bid/21446 •
CVSS: 5.7EPSS: 1%CPEs: 4EXPL: 0CVE-2006-6292
https://notcve.org/view.php?id=CVE-2006-6292
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames. Apple Airport Extreme firmware 0.1.27 en Mac OS X 10.4.8 permite a atacantes remotos provocar una denegación de servicio (acceso a memoria fuera de rango, y fallo irrecuperable del sistema o kernel panic) y también otros posibles impactos relacionados con la seguridad mediante ciertos marcos (beacon frames). • http://docs.info.apple.com/article.html?artnum=305031 http://lists.apple.com/archives/Security-announce/2007/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2007/Jan/msg00001.html http://projects.info-pull.com/mokb/MOKB-30-11-2006.html http://secunia.com/advisories/23159 http://securitytracker.com/id?1017328 http://www.apple.com/support/downloads/airportextremeupdate2007001.html http://www.kb.cert.org/vuls/id/583552 http://www.securityfocus.com/bid/21383 http:&# •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2006-4396
https://notcve.org/view.php?id=CVE-2006-4396
The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack. El servidor Apple Type Services (ATS) en Mac OS X 10.4.8 y anteriores no crea archivos de registro de forma segura, lo que permite a atacantes remotos crear y modificar archivos de su elección a través de vectores no especificados, posiblemente relacionados con un ataque de enlace simbólico (symlink attack). • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017301 http://www.kb.cert.org/vuls/id/323424 http://www.osvdb.org/30739 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVSS: 6.8EPSS: 6%CPEs: 19EXPL: 0CVE-2006-4412
https://notcve.org/view.php?id=CVE-2006-4412
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects. WebKit de Apple Mac OS X 10.3.x hasta 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos ejecutar código de su elección mediante un archivo HTML manipulado, que accede a objetos previamente liberados (deallocated). • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017304 http://www.kb.cert.org/vuls/id/848960 http://www.osvdb.org/30726 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 https://exchange.xforce.ibmcloud.com/vulnerabilities/30645 •