Page 504 of 2946 results (0.014 seconds)

CVSS: 10.0EPSS: 1%CPEs: 22EXPL: 0

CVE-2007-4691

https://notcve.org/view.php?id=CVE-2007-4691

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs. El componente NSURL de Apple Mac OS X 10.4 hasta 10.4.10 realiza comparaciones sensible a mayúsculas que permiten a atacantes evitar restricciones intencionadas para URLs del sistema de ficheros local. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38478 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 0

CVE-2007-4685

https://notcve.org/view.php?id=CVE-2007-4685

The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state." El núcle del Apple Mac OS X 10.4 hasta el 10.4.10 permite a usuarios locales obtener privilegios mediante la ejecución de los programas setuid o setgid en los cuales los ficheros descriptores stdio, stderr o stdout están en "un estado inesperado". • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38469 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 1%CPEs: 20EXPL: 0

CVE-2007-4694

https://notcve.org/view.php?id=CVE-2007-4694

Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs. El Safari en el Apple Mac OS X 10.4 hasta el 10.4.10 permite a atacantes remotos acceder a contenidos locales a través URLs del tipo file:// • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018948 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 https://exchange.xforce.ibmcloud.com/vulnerabilities/38481 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 1%CPEs: 24EXPL: 0

CVE-2007-4680

https://notcve.org/view.php?id=CVE-2007-4680

CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack. CFNetwork de Apple Mac OS X 10.3.9 Y 10.4 hasta 10.4.10 no valida adecuadamente los certificados, lo cual permite a atacantes remotos falsificar certificados SSL confiables mediante un ataque de hombre en medio (man-in-the-middle). • http://docs.info.apple.com/article.html?artnum=307041 http://docs.info.apple.com/article.html?artnum=307563 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2007/3868 http://www.vupen.com/english/advisories/2008/0920/references https://exchange.xforc • CWE-287: Improper Authentication •

CVSS: 6.9EPSS: 0%CPEs: 11EXPL: 1

CVE-2007-4684 – Apple Mac OSX 10.4.x Kernel - 'i386_set_ldt()' Integer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2007-4684

Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call. Un desbordamiento de enteros en el Kernel en Apple Mac OS X versiones 10.4 hasta 10.4.10, permite a usuarios locales ejecutar código arbitrario por medio de un argumento num_sels largo en la llamada de sistema i386_set_ldt. • https://www.exploit-db.com/exploits/4624 http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058522.html http://risesecurity.org/advisory/RISE-2007004 http://secunia.com/advisories/27643 http://securitytracker.com/id?1018950 http://www.securityfocus.com/archive/1/483793/100/0/threaded http://www.securityfocus.com/bid/26444 http://www.us- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •