CVSS: 9.4EPSS: 1%CPEs: 1EXPL: 0CVE-2007-5856
https://notcve.org/view.php?id=CVE-2007-5856
Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information. Quick Look Apple Mac OS X 10.5.1, al previsualizar un fichero HTML, no evita que los plug-ins realicen peticiones de red, lo cual pordía permitir a atacantes remotos obtener información confidencial. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019106 http://www.securityfocus.com/bid/26910 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/advisories/2007/4238 https://exchange.xforce.ibmcloud.com/vulnerabilities/39105 • CWE-16: Configuration CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.6EPSS: 1%CPEs: 1EXPL: 0CVE-2007-5851
https://notcve.org/view.php?id=CVE-2007-5851
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. iChat en Apple Mac OS X 10.4.11 permite a atacantes remotos de redes adayacentes inicializar automáticamente una conexión de video en otros usuarios a través de vectores desconocidos. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019109 http://www.securityfocus.com/bid/26910 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/advisories/2007/4238 https://exchange.xforce.ibmcloud.com/vulnerabilities/39099 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5861
https://notcve.org/view.php?id=CVE-2007-5861
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer. Vulnerabilidad no especificada en Spotlight en Apple Mac OS X 10.4.11 permite a atacantes con la intervención de un usuario en provocar denegación de servico (fin de la aplicación) o ejecutar código de su elección a través de un archivo .XLS manipulado que dispara corrupción de memoria en Microsoft Office Spotlight Importer. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019106 http://www.securityfocus.com/bid/26910 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/advisories/2007/4238 https://exchange.xforce.ibmcloud.com/vulnerabilities/39113 • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5848
https://notcve.org/view.php?id=CVE-2007-5848
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service. Desbordamiento de búfer en CUPS de Apple Mac OS X 10.4.11 permite a usuarios administradores locales ejecutar código de su elección mediante un URI manipulado en el servicio CUPS. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html http://secunia.com/advisories/28136 http://secunia.com/advisories/28344 http://secunia.com/advisories/28441 http://secunia.com/advisories/28636 http://www.mandriva.com/security/advisories?name=MDVSA-2008:050 http://www.novell.com/linux/security/advisories/suse_security_summary_report.html htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5860
https://notcve.org/view.php?id=CVE-2007-5860
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation." Vulnerabilidad no especificada en Spin Tracer en Apple Mac OS X 10.5.1 permite a usuarios locales ejecutar código de su elección a través de archivos de salida no especificados, afectando a "operaciones no seguras de archivo." • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019106 http://www.securityfocus.com/bid/26910 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/advisories/2007/4238 https://exchange.xforce.ibmcloud.com/vulnerabilities/39112 •