CVE-2007-0750
https://notcve.org/view.php?id=CVE-2007-0750
Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file.
• http://docs.info.apple.com/article.html?artnum=305530
• http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
• http://secunia.com/advisories/25402
• http://www.osvdb.org/35146
• http://www.securityfocus.com/bid/24144
• http://www.securitytracker.com/id?1018114
• http://www.vupen.com/english/advisories/2007/1939
• https://exchange.xforce.ibmcloud.com/vulnerabilities/34499
CVE-2007-0753 – Apple Mac OSX 10.4.9 - VPND Local Format String
https://notcve.org/view.php?id=CVE-2007-0753
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.
• https://www.exploit-db.com/exploits/30096
• https://www.exploit-db.com/exploits/4013
• http://docs.info.apple.com/article.html?artnum=305530
• http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
• http://secunia.com/advisories/25402
• http://www.osvdb.org/35143
• http://www.securityfocus.com/archive/1/469882/100/0/threaded
• http://www.securityfocus.com/archive/1/469889/100/0/threaded
• http://www.securityfocus.com/bid/24144
• http://www.securityfocus.com/bid/2420
• CWE-134: Use of Externally-Controlled Format String
CVE-2007-0751
https://notcve.org/view.php?id=CVE-2007-0751
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
• http://docs.info.apple.com/article.html?artnum=305530
• http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
• http://secunia.com/advisories/25402
• http://www.osvdb.org/35145
• http://www.securityfocus.com/bid/24144
• http://www.securitytracker.com/id?1018117
• http://www.vupen.com/english/advisories/2007/1939
• https://exchange.xforce.ibmcloud.com/vulnerabilities/34500
CVE-2007-0748
https://notcve.org/view.php?id=CVE-2007-0748
Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request.
• http://docs.info.apple.com/article.html?artnum=305495
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533
• http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html
• http://osvdb.org/35975
• http://secunia.com/advisories/25193
• http://www.securityfocus.com/bid/23918
• http://www.securitytracker.com/id?1018047
• http://www.vupen.com/english/advisories/2007/1770
• https://exchange.xforce.ibmcloud.com/vulnerabilities/34225
CVE-2007-0749
https://notcve.org/view.php?id=CVE-2007-0749
Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request.
• http://docs.info.apple.com/article.html?artnum=305495
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533
• http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html
• http://osvdb.org/35976
• http://secunia.com/advisories/25193
• http://www.securityfocus.com/bid/23918
• http://www.securitytracker.com/id?1018047
• http://www.vupen.com/english/advisories/2007/1770
• https://exchange.xforce.ibmcloud.com/vulnerabilities/34222