CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0CVE-2004-0515
https://notcve.org/view.php?id=CVE-2004-0515
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files." Vulnerabilidad desconocida en LoginWindow de Mac OS X 10.3.4, relacionada con "manejo de ficheros de registro de consola" • http://lists.seifried.org/pipermail/security/2004-May/003743.html http://securitytracker.com/id?1010330 http://www.securityfocus.com/bid/10432 https://exchange.xforce.ibmcloud.com/vulnerabilities/16289 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2004-0518
https://notcve.org/view.php?id=CVE-2004-0518
Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. Vulnerabilidad desconocida en el AppleFileServer para Mac OS X 10.3.4, relacionado con "el uso de SSH e informes de errores". • http://lists.seifried.org/pipermail/security/2004-May/003743.html http://securitytracker.com/id?1010333 https://exchange.xforce.ibmcloud.com/vulnerabilities/16288 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0485
https://notcve.org/view.php?id=CVE-2004-0485
The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume. El ayudante de protocolo para URI "disk:" en Mac OX X 10.3.3 y 10.2.8 permite a atacantes remotos escribir ficheros arbitrarios haciendo que un fichero de imagen de disco (.dmg) sea montado como un volumen de disco. • http://fundisom.com/owned/warning http://lists.apple.com/mhonarc/security-announce/msg00053.html http://lists.seifried.org/pipermail/security/2004-May/003743.html http://secunia.com/advisories/11622 http://www.kb.cert.org/vuls/id/210606 https://exchange.xforce.ibmcloud.com/vulnerabilities/16166 •
CVSS: 7.6EPSS: 3%CPEs: 8EXPL: 2CVE-2004-0486 – Apple Mac OSX 10.3.x - Help Protocol Remote Code Execution
https://notcve.org/view.php?id=CVE-2004-0486
HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. HelpViewer en Mac OS X 10.3.3 y 10.2.8 procesa scripts que no inició, lo que puede permitir a atacantes ejecuatar código de su elección, un problema que fue reportado originalmente como una vulnerabilidad de atravesamiento de directorios en el navegador web Safari usanto el manejador de URI help: • https://www.exploit-db.com/exploits/24121 http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0837.html http://lists.apple.com/mhonarc/security-announce/msg00053.html http://secunia.com/advisories/11622 http://securitytracker.com/id?1010167 http://www.fundisom.com/owned/warning http://www.kb.cert.org/vuls/id/578798 http://www.osvdb.org/6184 http://www.securityfocus.com/bid/10356 https://exchange.xforce.ibmcloud.com/vulnerabilities/16166 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2004-0489
https://notcve.org/view.php?id=CVE-2004-0489
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option. Vulnerabilidad de inyección de argumentos en el manejador de URI SSH de Safari sobre Mac OS 10.3.3 y anteriores permite a atacantes remotos (1) ejecutar código de su elección mediante la opción ProxyCommand o (2) hacer reenvío de puertos mediante la opción -R. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021871.html http://www.insecure.ws/article.php?story=200405222251133 https://exchange.xforce.ibmcloud.com/vulnerabilities/16242 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •