Page 52 of 606 results (0.031 seconds)

CVSS: 7.1EPSS: 1%CPEs: 12EXPL: 0

Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted embedded font in a PDF file. Apple Type Services (ATS) de Apple Mac OS X v10.5 anterior a 10.5.6, permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de una fuente manipulada insertada en un documento PDF. • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://secunia.com/advisories/33179 http://securitytracker.com/id?1021398 http://support.apple.com/kb/HT3338 http://www.securityfocus.com/bid/32839 http://www.securityfocus.com/bid/32875 http://www.us-cert.gov/cas/techalerts/TA08-350A.html http://www.vupen.com/english/advisories/2008/3444 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 1

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184. cupsd en CUPS versión 1.3.9 y anteriores, permite a los usuarios locales, y posiblemente atacantes remotos, causar una denegación de servicio (bloqueo del demonio) mediante la adición de un gran número de Suscripciones RSS, que desencadena una desreferencia de puntero NULL. NOTA: este problema puede ser desencadenado remotamente mediante el aprovechamiento de CVE-2008-5184. • https://www.exploit-db.com/exploits/7150 http://lab.gnucitizen.org/projects/cups-0day http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/33937 http://secunia.com/advisories/43521 http://support.apple.com/kb/HT3438 http://www.debian.org/security/2011/dsa-2176 http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups http://www.mandriva.com/security/adviso • CWE-476: NULL Pointer Dereference •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors. Desbordamiento de búfer basado en montículo en en el componente IPC local de el plugin de EAPOLController para configd (Componente de red) en Mac OS X 10.4.11 y 10.5.5 que permite a usuarios locales ejecutar código a su elección a través de vectores desconocidos. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31711 http://www.securitytracker.com/id?1021025 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45781 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 7%CPEs: 23EXPL: 0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns." Un error en la propiedad signedness de enteros en (1) QuickLook en Mac OS X versión 10.5.5 de Apple y (2) Office Viewer en iPhone OS de Apple versiones 1.0 hasta 2.1 y iPhone OS para iPod touch versiones 1.1 hasta 2.1, permite a los atacantes remotos causar una denegación de servicio (terminación de aplicación) y ejecutar código arbitrario por medio de un archivo de Microsoft Excel diseñado que desencadena un acceso de memoria fuera de límites, relacionado con el "handling of columns”. • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://secunia.com/advisories/32756 http://support.apple.com/kb/HT3216 http://support.apple.com/kb/HT3318 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31707 http://www.securitytracker.com/id?1021027 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen& • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 0

Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment. Desbordamiento de búfer en PSNormalizer en Mac OS X v10.4.11 y v10.5.5 permite a atacantes remotos provocar una denegación de servicio (finalización de la aplicación) y ejecutar código de su elección mediante un fichero PostScript con un comentario manipulado en un elemento "bounding box". • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31719 http://www.securitytracker.com/id?1021026 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45783 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •