CVSS: 4.6EPSS: 0%CPEs: 10EXPL: 0CVE-2007-0738
https://notcve.org/view.php?id=CVE-2007-0738
The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication controls. La ventana de inicio de sesión en Apple Mac OS X 10.4 hasta 10.4.9 no muestra diálogo de autenticación del salva pantallas en ciertas circunstancias al "despertarse", aún cuando la opción "requerir contraseña al despertar" está habilitada, lo cual permite a usuarios locales evitar el control de autenticación. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34863 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017939 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •
CVSS: 9.3EPSS: 3%CPEs: 22EXPL: 0CVE-2007-0736
https://notcve.org/view.php?id=CVE-2007-0736
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. Desbordamiento de entero en la librería RPC de Libinfo en Apple Mac OS X 10.3.9 hasta 10.4.9 permite a atacantes remotos ejecutar código de su elección mediante peticiones manipuladas a portmap. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34861 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 https://exchange.xforce.ibmcloud.com/vulnerabilities/33782 •
CVSS: 4.6EPSS: 0%CPEs: 11EXPL: 0CVE-2007-0737
https://notcve.org/view.php?id=CVE-2007-0737
The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors. La ventana de inicio de sesión en Apple Mac OS X 10.3.9 hasta 10.4.9 no comprueba adecuadamente ciertas variables de entorno, lo cual permite a usuarios locales obtener privilegios mediante vectores no especificados. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34862 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017939 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-0742
https://notcve.org/view.php?id=CVE-2007-0742
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information. El marco WebFoundation en Apple Mac OS X 10.3.9 y anteriores permite a cookies de subdominio ser accedidas por el dominio padre, lo cual podría permite a atacantes remotos obtener información sensible. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34866 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •
CVSS: 7.2EPSS: 0%CPEs: 68EXPL: 0CVE-2007-0729
https://notcve.org/view.php?id=CVE-2007-0729
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. El cliente Apple File Protocol (AFP) en Apple Mac OS X 10.3.9 hasta la 10.4.9 no limpia de forma adecuada el entorno antes de la ejecución de comandos, lo cual permite a usuarios locales ganar privilegios a través de la configuración de variables de entorno no especificadas. • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.kb.cert.org/vuls/id/312424 http://www.osvdb.org/34858 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017944 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 • CWE-264: Permissions, Privileges, and Access Controls •