NotCVE - vendor:"Apple" product:"Mac Os X Server" version:" <= 10.4.5"

Page 47 of 444 results (0.004 seconds)

CVSS: 7.2EPSS: 0%CPEs: 23EXPL: 0

CVE-2007-4269

https://notcve.org/view.php?id=CVE-2007-4269

Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow. Un desbordamiento de enteros en el componente Networking en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a usuarios locales ejecutar código arbitrario por medio de un mensaje de AppleTalk Session Protocol (ASP) diseñado en un socket de AppleTalk, que desencadena un desbordamiento de búfer en la región heap de la memoria . • http://docs.info.apple.com/article.html?artnum=307041 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=629 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38473 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 1%CPEs: 22EXPL: 0

CVE-2007-4691

https://notcve.org/view.php?id=CVE-2007-4691

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs. El componente NSURL de Apple Mac OS X 10.4 hasta 10.4.10 realiza comparaciones sensible a mayúsculas que permiten a atacantes evitar restricciones intencionadas para URLs del sistema de ficheros local. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38478 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 0

CVE-2007-4687

https://notcve.org/view.php?id=CVE-2007-4687

The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files. El componente remote_cmds de Apple Mac OS X 10.4 hasta 10.4.10 contiene un enlace simbólico desde el directorio privado tftpboot al directorio root, lo cual permite a usuarios tftpd escapar del directorio privado y acceder a archivos de su elección. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38471 • CWE-16: Configuration •

CVSS: 9.0EPSS: 1%CPEs: 20EXPL: 0

CVE-2007-4690

https://notcve.org/view.php?id=CVE-2007-4690

Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet. Una vulnerabilidad de doble liberación en el componente NFS en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a usuarios autenticados remotos ejecutar código arbitrario por medio de un paquete RPC AUTH_UNIX diseñado. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://www.securityfocus.com/bid/26444 http://www.securitytracker.com/id?1018949 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38477 • CWE-399: Resource Management Errors •

CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0

CVE-2007-4678

https://notcve.org/view.php?id=CVE-2007-4678

AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted. AppleRAID en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.10 permite a atacantes provocar una denegación de servicio (caída) mediante una imagen de disco dañada por manipulación, lo cual provoca una referencia a un puntero nulo cuando es montada. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38461 •

1...45 46 47 48 49