CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0989
https://notcve.org/view.php?id=CVE-2008-0989
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname. Vulnerabilidad de formato de cadena en mDNSResponderHelper en Apple Mac OS X 10.5.2, permite a usuarios locales ejecutar código de su elección a través de especificadores de formatos de cadena en el hostname local. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28339 http://www.securitytracker.com/id?1019662 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41292 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0994
https://notcve.org/view.php?id=CVE-2008-0994
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. Preview en Apple Mac OS X 10.5.2 utiliza RC4 de 40 bits cuando guarda un archivo PDF encriptado, lo que facilita que atacantes remotos puedan descifrar el archivo a través de métodos de fuerza bruta. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28386 http://www.securitytracker.com/id?1019665 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41276 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-0992
https://notcve.org/view.php?id=CVE-2008-0992
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value. Error en el índice de matriz de pax en Apple Mac OS X 10.5.2 permite a atacantes remotos dependientes del contexto ejecutar código de su elección a través de un archivo con un valor de tamaño manipulado. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28365 http://www.securitytracker.com/id?1019673 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41288 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0995
https://notcve.org/view.php?id=CVE-2008-0995
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods. El componente Printing (Impresión) en Apple Mac OS X 10.5.2 utiliza un RC4 de 40 bits cuando imprime un archivo PDF encriptado, lo que facilita a los atacantes descifrar el archivo a través de métodos de fuerza bruta. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28387 http://www.securitytracker.com/id?1019667 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41287 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0059
https://notcve.org/view.php?id=CVE-2008-0059
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic." Condiciones de carrera en NSXML de Foundation para Apple Mac OS X 10.4.11 permite a atacantes dependientes del contexto ejecutar código de su elección a través de un archivo XML manipulado, relacionado con "error handling logic (lógica de manipulación de error)". • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28367 http://www.securitytracker.com/id?1019650 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41296 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •