Page 478 of 2935 results (0.014 seconds)

CVSS: 2.1EPSS: 0%CPEs: 10EXPL: 0

CVE-2008-3619

https://notcve.org/view.php?id=CVE-2008-3619

Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files. Time Machine en Apple Mac OS X 10.5 a la v10.5.4 usa permisos débiles para el acceso a los logs de la Time Machine, lo que permite a usuarios locales obtener información sensible leyendolos. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://secunia.com/advisories/31882 http://securitytracker.com/id?1020884 http://www.securityfocus.com/bid/31189 http://www.us-cert.gov/cas/techalerts/TA08-260A.html http://www.vupen.com/english/advisories/2008/2584 https://exchange.xforce.ibmcloud.com/vulnerabilities/45176 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2008-3618

https://notcve.org/view.php?id=CVE-2008-3618

The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended. El Panel File Sharing en las preferencias Sharing en Apple Mac OS X 10.5 a la v10.5.4, no informa a los usuarios del contenido completo de que su directorio personal está siendo compartido para uso propio, lo que podría permitir a atacantes aprovechar otras vulnerabilidades y acceder a ficheros que no está compartidos intencionadamente. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://securitytracker.com/id?1020883 http://www.kb.cert.org/vuls/id/126787 http://www.securityfocus.com/bid/31189 http://www.us-cert.gov/cas/techalerts/TA08-260A.html http://www.vupen.com/english/advisories/2008/2584 https://exchange.xforce.ibmcloud.com/vulnerabilities/45175 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 3%CPEs: 12EXPL: 0

CVE-2008-2305

https://notcve.org/view.php?id=CVE-2008-2305

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names." Desbordamiento de búfer basado en montículo en Apple Type Services (ATS) en Apple Mac OS X 10.4.11 y 10.5 a la v10.5.4, permite a atacantes remotos ejecutar código de su elección a través de un documento que contiene un tipo de fuente manipulado, relacionado con "PostScript font names." (Nombres de fuentes postscript) • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://secunia.com/advisories/31882 http://securitytracker.com/id?1020873 http://www.securityfocus.com/bid/31189 http://www.us-cert.gov/cas/techalerts/TA08-260A.html http://www.vupen.com/english/advisories/2008/2584 https://exchange.xforce.ibmcloud.com/vulnerabilities/45162 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 85%CPEs: 15EXPL: 1

CVE-2008-3529 – Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)

https://notcve.org/view.php?id=CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name. Desbordamiento de búfer basado en pila en la función xmlParseAttValueComplex en el módulo parser.c de libxml2 versiones anteriores a 2.7.0 permite a atacantes dependientes del contexto provocar una denegación de servicio (parada inesperada) o la posibilidad de ejecutar código de su elección al utilizar un nombre largo de entidad XML. • https://www.exploit-db.com/exploits/8798 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/May/msg00000.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html http://secunia.com/advisories/31558 http://secunia.com/advisories/31855 http://secunia.com/advisories/31860 http://secunia.com/advisories/31868 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 6.8EPSS: 1%CPEs: 31EXPL: 0

CVE-2008-3624

https://notcve.org/view.php?id=CVE-2008-3624

Heap-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted panorama atoms. Desbordamiento de búfer basado en montículo en Apple Quicktime anterior a 7.7.5 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de aplicación)a través de una película QuickTime Virtual Reality (QTVR)con átomos panorama manipulados. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00000.html http://secunia.com/advisories/31821 http://securitytracker.com/id?1020841 http://support.apple.com/kb/HT3027 http://www.securityfocus.com/bid/31086 http://www.vupen.com/english/advisories/2008/2527 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16124 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •