Page 54 of 355 results (0.008 seconds)

CVSS: 5.1EPSS: 27%CPEs: 2EXPL: 4

Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. Vulnerabilidad no especificada en Apple Mac OSX 10.4.8, y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio (caída) mediante una imagen de disco UDTO HFS+ mal formada, como por ejemplo con "sectores dañados", lo cual provoca una corrupción de memoria. • https://www.exploit-db.com/exploits/29144 https://www.exploit-db.com/exploits/29161 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://projects.info-pull.com/mokb/MOKB-21-11-2006.html http://secunia.com/advisories/23012 http://secunia.com/advisories/23062 http://secunia.com/advisories/24479 http://securitytracker.com/id?1017260 http://www.osvdb.org/30510 http://www.securityfocus.com/bid& •

CVSS: 9.3EPSS: 5%CPEs: 2EXPL: 2

com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed by a third party, who states that the impact is limited to a denial of service (kernel panic) due to a vm_fault call with a non-aligned address. com.apple.AppleDiskImagecontroller en Apple Mac OS X 10.4.8, y posiblemente otras versiones, permite a atacantes remotos ejecutar código de su elección mediante una imagen DMG mal formada que provoca una corrupción de memoria. NOTA: la severidad de este asunto ha sido impugnada por una tercera parte, la cual afirma que el impacto está limitado a una denegación de servicio (error irrecuperable en el núcleo del sistema, kernel panic) debido a una llamada vm_faultcon una dirección no alineada. • http://alastairs-place.net/2006/11/dmg-vulnerability http://docs.info.apple.com/article.html?artnum=305214 http://kernelfun.blogspot.com/2006/11/more-mokb-20-11-2006-related-news.html http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://projects.info-pull.com/mokb/MOKB-20-11-2006.html http://secunia.com/advisories/23012 http://secunia.com/advisories/24479 http://securitytracker.com/id?1017260 http://www.kb.cert.org/vuls/id/367424 http://ww •

CVSS: 9.3EPSS: 92%CPEs: 6EXPL: 0

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. Condición de carrera en el manejador de señal OpenSSH en versiones anteriores a 4.4 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario si la autenticación GSSAPI está habilitada, a través de vectores no especificados que conducen a una doble liberación. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 http://openssh.org/txt/release-4.4 http://secunia.com/advisories& • CWE-415: Double Free •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1

Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network. Múltiples desbordamientos de búfer basados en pila en el controlador wireless AirPort en Apple Mac OS X 10.3.9 y 10.4.7 permiten a atacantes físicamente próximos ejecutar código de su elección inyectando tramas artesanales dentro de la red wireless. • https://www.exploit-db.com/exploits/28643 http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html http://secunia.com/advisories/22068 http://securitytracker.com/id?1016903 http://www.kb.cert.org/vuls/id/867796 http://www.securityfocus.com/bid/20144 http://www.vupen.com/english/advisories/2006/3737 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames. Desbordamiento de enteros en la API para el controlador de AirPort Wireless sobre Apple Mac OS X 10.4.7 que permitirían a un atacante cercano fisicamente provocar denegación de serivicio(caida) o ejecutar código de su elección con un software de terceros que utiliza el API a través de marcos artesanales. • http://lists.apple.com/archives/Security-announce/2006/Sep/msg00001.html http://secunia.com/advisories/22068 http://securitytracker.com/id?1016903 http://www.kb.cert.org/vuls/id/563492 http://www.securityfocus.com/bid/20144 http://www.vupen.com/english/advisories/2006/3737 •