CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5847
https://notcve.org/view.php?id=CVE-2007-5847
Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information. Condición de carrera en la API CFURLWriteDataAndPropertiesToResource del Core Foundation de Apple Mac OS X 10.4.11. Crea ficheros con permisos no seguros, lo cual podría permitir a usuarios locales obtener información sensible. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019106 http://www.securityfocus.com/bid/26910 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/advisories/2007/4238 https://exchange.xforce.ibmcloud.com/vulnerabilities/39095 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 3.6EPSS: 1%CPEs: 1EXPL: 0CVE-2007-5851
https://notcve.org/view.php?id=CVE-2007-5851
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. iChat en Apple Mac OS X 10.4.11 permite a atacantes remotos de redes adayacentes inicializar automáticamente una conexión de video en otros usuarios a través de vectores desconocidos. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019109 http://www.securityfocus.com/bid/26910 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/advisories/2007/4238 https://exchange.xforce.ibmcloud.com/vulnerabilities/39099 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5848
https://notcve.org/view.php?id=CVE-2007-5848
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service. Desbordamiento de búfer en CUPS de Apple Mac OS X 10.4.11 permite a usuarios administradores locales ejecutar código de su elección mediante un URI manipulado en el servicio CUPS. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html http://secunia.com/advisories/28136 http://secunia.com/advisories/28344 http://secunia.com/advisories/28441 http://secunia.com/advisories/28636 http://www.mandriva.com/security/advisories?name=MDVSA-2008:050 http://www.novell.com/linux/security/advisories/suse_security_summary_report.html htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 43%CPEs: 6EXPL: 1CVE-2007-5849 – Common UNIX Printing System 1.2/1.3 SNMP - 'asn1_get_string()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5849
Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow. Un subdesbordamiento de enteros en la función asn1_get_string en el back end de SNMP (backend/snmp.c) para CUPS versiones 1.2 hasta 1.3.4, permite a los atacantes remotos ejecutar código arbitrario por medio de una respuesta SNMP especialmente diseñada que desencadena un desbordamiento de búfer en la región stack de la memoria. • https://www.exploit-db.com/exploits/30898 http://bugs.gentoo.org/show_bug.cgi?id=201570 http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html http://secunia.com/advisories/28113 http://secunia.com/advisories/28129 http://secunia.com/advisories/28136 http://secunia.com/advisories/28200 http://secunia.com/advisories/28386 http:// • CWE-189: Numeric Errors •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 1CVE-2007-3876 – Apple Mac OSX - 'mount_smbfs' Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3876
Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil. Un desbordamiento de búfer en la región stack de la memoria en SMB en Apple Mac OS X versión 10.4.11, permite a los usuarios locales ejecutar código arbitrario por medio de (1) una opción (-W) de un grupo de trabajo largo en mount_smbfs o (2) una manipulación no especificada de la línea de comandos en smbutil. • https://www.exploit-db.com/exploits/4759 http://docs.info.apple.com/article.html?artnum=307179 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=633 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://securitytracker.com/id?1019106 http://www.securityfocus.com/bid/26910 http://www.securityfocus.com/bid/26926 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http://www.vupen.com/english/adviso • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •