CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2010-0064
https://notcve.org/view.php?id=CVE-2010-0064
DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have unspecified other impact by copying files owned by other users. DesktopServices en Apple Mac OS X v10.6 anteriores a v10.6.3 preserva la propiedad del fichero durante una copia Finder autenticada, lo que puede permitir a usuarios locales evitar las restricciones de disco previstas y tener otros impactos sin especificar copiando ficheros cuyos propietarios son otros usuarios. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 26EXPL: 0CVE-2010-0507
https://notcve.org/view.php?id=CVE-2010-0507
Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PEF image. Desbordamiento de búfer en Image RAW en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (cuelgue de aplicación) a través de una imagen PEF manipulada. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2010-0504
https://notcve.org/view.php?id=CVE-2010-0504
Multiple stack-based buffer overflows in iChat Server in Apple Mac OS X Server before 10.6.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Múltiples desbordamientos de búfer basados en pila en iChat Server de Apple Mac OS X Server en versiones anteriores a la v10.6.3 permiten a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída de la aplicación) a través de vectores de ataque sin especificar. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 0CVE-2010-0060 – Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0060
CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDMC encoding. CoreAudio en Apple Mac OS X anteriores a v10.6.3 permite a atacantes remotos ejecutar código de su elección o a provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de contenido de audio manipulado, codificado con QDMC. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the QuickTimeAudioSupport.qtx library when parsing malformed QDMC and QDM2 codec atoms. By modifying specific values within the stream an attacker can cause heap corruption which can lead to arbitrary code execution under the context of the currently logged in user. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00002.html http://support.apple.com/kb/HT4077 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7513 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0CVE-2010-0510
https://notcve.org/view.php?id=CVE-2010-0510
Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replication, which might allow remote authenticated users to obtain login access via an expired password. El servidor de contraseñas -Password Server- de Mac OS X Server anterior a v10.6.3 no realiza la duplicación de contraseñas adecuadamente, esto puede permitir a usuarios autenticados en remoto obtener acceso registrado a través de una contraseña que ya haya caducado. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077 • CWE-255: Credentials Management Errors •