CVSS: 5.0EPSS: 10%CPEs: 14EXPL: 3CVE-2006-1470 – Apple Mac OSX 10.4.x - OpenLDAP Denial of Service
https://notcve.org/view.php?id=CVE-2006-1470
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. OpenLDAP en Apple Mac OS X v10.4 up a v10.4.6 permite a atacantes remotos causar una denegación de servicio (caída) a través de una petición LDAP no válida que lanza un error assert. • https://www.exploit-db.com/exploits/28135 http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://secunia.com/advisories/20877 http://securitytracker.com/id?1016396 http://www.kb.cert.org/vuls/id/652196 http://www.osvdb.org/26932 http://www.securityfocus.com/bid/18686 http://www.securityfocus.com/bid/18728 http://www.vupen.com/english/advisories/2006/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/27480 • CWE-399: Resource Management Errors •
CVSS: 4.6EPSS: 2%CPEs: 14EXPL: 0CVE-2006-1471
https://notcve.org/view.php?id=CVE-2006-1471
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a syslog call in the logging facility, as demonstrated by using a crafted plist file. Vulnerabilidad de formato de cadena en la función CF_syslog launchd en Apple Mac OS X v10.4 hasta v10.4.6 permite a usuarios locales ejecutar código de su elección a través de especificadores de formato de cadena que no son manejados adecuadamente en una llamada syslog en la facilidad logging, como quedó demostrado usando un fichero plist manipulado. • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://secunia.com/advisories/20877 http://securitytracker.com/id?1016397 http://www.osvdb.org/26933 http://www.securityfocus.com/archive/1/438699/100/0/threaded http://www.securityfocus.com/bid/18686 http://www.securityfocus.com/bid/18724 http://www.vupen.com/english/advisories/2006/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/27479 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0CVE-2006-1468
https://notcve.org/view.php?id=CVE-2006-1468
Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information. Vulnerabilidad no especificada en Apple File Protocol (AFP)server en Apple Mac OS X v10.4 actualizado a v10.4.6 incluye el nombre de ficheros con restricción y directorios dentro de resultados de busqueda, lo que puede permitir a atacantes remotos obtener información sensible. • http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://secunia.com/advisories/20877 http://securitytracker.com/id?1016395 http://www.osvdb.org/26930 http://www.securityfocus.com/bid/18686 http://www.securityfocus.com/bid/18733 http://www.vupen.com/english/advisories/2006/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/27477 •
CVSS: 4.0EPSS: 1%CPEs: 2EXPL: 0CVE-2006-1466
https://notcve.org/view.php?id=CVE-2006-1466
Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service. • http://lists.apple.com/archives/security-announce/2006/May/msg00004.html http://secunia.com/advisories/20267 http://securitytracker.com/id?1016143 http://www.osvdb.org/25889 http://www.securityfocus.com/bid/18091 http://www.vupen.com/english/advisories/2006/1950 https://exchange.xforce.ibmcloud.com/vulnerabilities/26634 •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 0CVE-2006-1450
https://notcve.org/view.php?id=CVE-2006-1450
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016078 http://www.osvdb.org/25594 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26419 •