Page 572 of 2935 results (0.010 seconds)

CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0

Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. Vulnerabilidad desconocida en Mac OS X 10.3.4, relacionada con "manejo de IDs de procesos durante instalación de paquetes", una vulnerabilidad distinta de CAN-2004-0516. • http://lists.seifried.org/pipermail/security/2004-May/003743.html http://securitytracker.com/id?1010331 http://www.securityfocus.com/bid/10432 https://exchange.xforce.ibmcloud.com/vulnerabilities/16290 •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option. Vulnerabilidad de inyección de argumentos en el manejador de URI SSH de Safari sobre Mac OS 10.3.3 y anteriores permite a atacantes remotos (1) ejecutar código de su elección mediante la opción ProxyCommand o (2) hacer reenvío de puertos mediante la opción -R. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021871.html http://www.insecure.ws/article.php?story=200405222251133 https://exchange.xforce.ibmcloud.com/vulnerabilities/16242 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •

CVSS: 7.6EPSS: 3%CPEs: 8EXPL: 2

HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. HelpViewer en Mac OS X 10.3.3 y 10.2.8 procesa scripts que no inició, lo que puede permitir a atacantes ejecuatar código de su elección, un problema que fue reportado originalmente como una vulnerabilidad de atravesamiento de directorios en el navegador web Safari usanto el manejador de URI help: • https://www.exploit-db.com/exploits/24121 http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0837.html http://lists.apple.com/mhonarc/security-announce/msg00053.html http://secunia.com/advisories/11622 http://securitytracker.com/id?1010167 http://www.fundisom.com/owned/warning http://www.kb.cert.org/vuls/id/578798 http://www.osvdb.org/6184 http://www.securityfocus.com/bid/10356 https://exchange.xforce.ibmcloud.com/vulnerabilities/16166 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume. El ayudante de protocolo para URI "disk:" en Mac OX X 10.3.3 y 10.2.8 permite a atacantes remotos escribir ficheros arbitrarios haciendo que un fichero de imagen de disco (.dmg) sea montado como un volumen de disco. • http://fundisom.com/owned/warning http://lists.apple.com/mhonarc/security-announce/msg00053.html http://lists.seifried.org/pipermail/security/2004-May/003743.html http://secunia.com/advisories/11622 http://www.kb.cert.org/vuls/id/210606 https://exchange.xforce.ibmcloud.com/vulnerabilities/16166 •

CVSS: 5.1EPSS: 10%CPEs: 2EXPL: 3

Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. Desbordamiento de búfer basado en la pila en AppleFileServer de MAC OS X 10.3.3 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante un paquete LoginExt para un método de autenticación de usuario (User Authentication Method - UAM) con contraseña en texto plano con un arguemento PathName que incluye un cadena de tipo de AFPName más larga que el campo de longitud asociado. • https://www.exploit-db.com/exploits/16863 https://www.exploit-db.com/exploits/9931 https://www.exploit-db.com/exploits/391 http://lists.apple.com/mhonarc/security-announce/msg00049.html http://secunia.com/advisories/11539 http://securitytracker.com/id?1010039 http://www.atstake.com/research/advisories/2004/a050304-1.txt http://www.kb.cert.org/vuls/id/648406 http://www.securiteam.com/securitynews/5QP0115CUO.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16049 •