CVSS: 5.0EPSS: 2%CPEs: 9EXPL: 0CVE-2006-4409
https://notcve.org/view.php?id=CVE-2006-4409
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. El servicio Online Certificate Status Protocol (OCSP) en el Security Framework en Apple Mac OS X 10.4 hasta 10.4.8 recupera listas de revocación de certificados (CRL) cuando un proxy HTTP está en uso, lo cual podría causar que el sistema acepte certificados que han sido revocados. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017298 http://www.kb.cert.org/vuls/id/811384 http://www.osvdb.org/30729 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2006-4404
https://notcve.org/view.php?id=CVE-2006-4404
The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin credentials, does not authenticate the user before installing certain software requiring system privileges. El instalador de aplicaciones en Apple Mac OS X 10.4.8 y anteriores, al ser usado por un usuario con credenciales de administrador, no verifica el usuario antes de instalar cierto software que requiere privilegios de sistema. • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017304 http://www.osvdb.org/30733 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 •
CVSS: 6.8EPSS: 6%CPEs: 19EXPL: 0CVE-2006-4412
https://notcve.org/view.php?id=CVE-2006-4412
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects. WebKit de Apple Mac OS X 10.3.x hasta 10.3.9 y 10.4 hasta 10.4.8 permite a atacantes remotos ejecutar código de su elección mediante un archivo HTML manipulado, que accede a objetos previamente liberados (deallocated). • http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/23155 http://securitytracker.com/id?1017304 http://www.kb.cert.org/vuls/id/848960 http://www.osvdb.org/30726 http://www.securityfocus.com/bid/21335 http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://www.vupen.com/english/advisories/2006/4750 https://exchange.xforce.ibmcloud.com/vulnerabilities/30645 •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 2CVE-2006-6129 – Apple Mac OSX 10.4.x - Mach-O Binary Loading Integer Overflow
https://notcve.org/view.php?id=CVE-2006-6129
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption. Desbordamiento de enteros en fatfile_getarch2 en Apple Mac OS X permite a un usuario local provocar denegación de servicio y posiblemente ejecutar código de su elección a través del programa Mach-O Universal manipulado que dispara una corrupción de memoria. • https://www.exploit-db.com/exploits/29190 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://projects.info-pull.com/mokb/MOKB-26-11-2006.html http://secunia.com/advisories/23088 http://secunia.com/advisories/24479 http://www.osvdb.org/30706 http://www.securityfocus.com/bid/21291 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http:// •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 2CVE-2006-6127
https://notcve.org/view.php?id=CVE-2006-6127
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent. Núcleo Apple Mac OS X permite a un usuario local provocar denegación de servicio a través de un proceso que usa kevent para registrar una cola o un evento, entonces se bifurca en un proceso hijo que usa kevent para registrar un evento para la misma cola que la del padre. • http://docs.info.apple.com/article.html?artnum=307041 http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html http://projects.info-pull.com/mokb/MOKB-24-11-2006.html http://secunia.com/advisories/23114 http://secunia.com/advisories/27643 http://www.osvdb.org/30695 http://www.securityfocus.com/bid/21285 http://www.securityfocus.com/bid/26444 http://www.us-cert.gov/cas/techalerts/TA07-319A.html http://www.vupen.com/english/advisories/2006/4715 http: •