CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2009-2807
https://notcve.org/view.php?id=CVE-2009-2807
Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica (heap) en el panel de gestión USB en CUPS en Apple Mac OS X, permite a usuarios locales obtener privilegios a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://osvdb.org/57951 http://secunia.com/advisories/36701 http://support.apple.com/kb/HT3865 http://www.cups.org/articles.php?L588 http://www.securityfocus.com/bid/36350 http://www.securitytracker.com/id?1022898 https://exchange.xforce.ibmcloud.com/vulnerabilities/53168 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2009-2812
https://notcve.org/view.php?id=CVE-2009-2812
Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site. Launch Services en Apple Mac OS X 10.5.8 no reconoce adecuadamente un Identificador de Tipo Uniform (uniforme/único) no seguro en un documento de tipo exportado en un aplicación descargado, lo que permite a atacantes remotos lanzar la apertura automática de un archivo, y ejecutar código de su elección, a través de un sitio web manipulado. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://osvdb.org/57954 http://secunia.com/advisories/36701 http://support.apple.com/kb/HT3865 http://www.securityfocus.com/bid/36361 •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-2800
https://notcve.org/view.php?id=CVE-2009-2800
Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file. Desbordamiento de búfer en Alias Manager en Apple Mac OS X v10.4.11 y v10.5.8, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (caída de aplicación) a través de un fichero alias manipulado. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://osvdb.org/57947 http://secunia.com/advisories/36701 http://support.apple.com/kb/HT3865 http://www.securityfocus.com/bid/36354 https://exchange.xforce.ibmcloud.com/vulnerabilities/53164 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 81EXPL: 0CVE-2009-2200
https://notcve.org/view.php?id=CVE-2009-2200
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document. WebKit en Apple Safari anteriores a v4.0.3 no restringe apropiadamente el esquema URL del atributo pluginspage de un elemento EMBED, lo que permite a los atacantes remotos asistidos por usuarios lanzar un archivo arbitrario: URLs y obtener información sensible a través de un documento HTML manipulado. • http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3733 http://www.securityfocus.com/bid/36024 http://www.securitytracker.com/id?1022720 http://www.vupen.com/english/advisories/2011/0212 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 90%CPEs: 81EXPL: 1CVE-2009-2195 – WebKit - Floating Point Number Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-2195
Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers. Desbordamiento de búfer en WebKit en Apple Safari anteriores a v4.0.3, permite a los atacantes remotos ejecutar arbitrariamente código o causar una denegación de servicio (caída de la aplicación) a través de un número punto-flotante manipulado. • https://www.exploit-db.com/exploits/33164 http://lists.apple.com/archives/security-announce/2009/Aug/msg00002.html http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/43068 http://support.apple.com/kb/HT3733 http://support.apple.com/kb/HT4225 http://www.securityfocus.com/bid/36023 http://www.securitytracker.com/id?1022717 http://www.vupen.com/english/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •