Page 54 of 613 results (0.009 seconds)

CVSS: 10.0EPSS: 7%CPEs: 23EXPL: 0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns." Un error en la propiedad signedness de enteros en (1) QuickLook en Mac OS X versión 10.5.5 de Apple y (2) Office Viewer en iPhone OS de Apple versiones 1.0 hasta 2.1 y iPhone OS para iPod touch versiones 1.1 hasta 2.1, permite a los atacantes remotos causar una denegación de servicio (terminación de aplicación) y ejecutar código arbitrario por medio de un archivo de Microsoft Excel diseñado que desencadena un acceso de memoria fuera de límites, relacionado con el "handling of columns”. • http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://secunia.com/advisories/32756 http://support.apple.com/kb/HT3216 http://support.apple.com/kb/HT3318 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31707 http://www.securitytracker.com/id?1021027 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen& • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 0

Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment. Desbordamiento de búfer en PSNormalizer en Mac OS X v10.4.11 y v10.5.5 permite a atacantes remotos provocar una denegación de servicio (finalización de la aplicación) y ejecutar código de su elección mediante un fichero PostScript con un comentario manipulado en un elemento "bounding box". • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31719 http://www.securitytracker.com/id?1021026 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45783 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 4EXPL: 0

Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile. Desbordamiento de búfer en ColorSync en Mac OS X 10.4.11 y 10.5.5 que permite a los atacantes remotos causar una denegación de servicios (terminación de la aplicación) y posiblemente ejecutar arbitrariamente código a través de una imagen o un perfil ICC manipulado. • http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://secunia.com/advisories/32706 http://support.apple.com/kb/HT3216 http://support.apple.com/kb/HT3298 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31715 http://www.securitytracker.com/id?1021023 http://www.vupen.com/english/advisories/2008/2780 https://exchang • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files. Vulnerabilidad no especificada en el editor de scripts de Mac OS X v10.4.11 y v10.5.5 que permite a usuarios locales producir que el diccionario de scripts se escriba en lugares arbitrarios, relacionado con una "operación insegura de fichero" en los ficheros temporales. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31716 http://www.securitytracker.com/id?1021029 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45786 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions. Vulnerabilidad en la lista de control de acceso a publicación de el Weblog en el servidor Mac OS X v10.4.11 que no comprueba adecuadamente cuando un usuario posee múltiples nombres cortos que permite a los atacantes evitar las restricciones de seguridad. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31718 http://www.securitytracker.com/id?1021030 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45787 • CWE-264: Permissions, Privileges, and Access Controls •