CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2008-1580
https://notcve.org/view.php?id=CVE-2008-1580
CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifiable certificates, and use arbitrary certificates to track user activities across domains, a related issue to CVE-2007-4879. CFNetwork en Safari en Apple Mac OS X versiones anteriores a 10.5.3, envía automáticamente un certificado de cliente SSL en respuesta a la petición de certificado de un servidor web, lo que permite a los sitios web remotos obtener información confidencial (datos del Subject) de certificados identificables personalmente y utilizar certificados arbitrarios para rastrear las actividades de los usuarios en todos los dominios, un problema relacionado con CVE-2007-4879. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020134 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29493 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42708 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 12%CPEs: 9EXPL: 1CVE-2008-0599 – php: buffer overflow in a CGI path translation
https://notcve.org/view.php?id=CVE-2008-0599
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. La función init_request_info en sapi/cgi/cgi_main.c en PHP en versiones anteriores a 5.2.6 no considera correctamente la precedencia del operador cuando calcula la longitud de PATH_TRANSLATED, lo que podrían permitir a atacantes remotos ejecutar código arbitrario a través de una URI manipulada. • http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01476437 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://secunia.com/advisories/30048 http://secunia.com/advisories/30083 http:/ • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 6.8EPSS: 8%CPEs: 8EXPL: 0CVE-2008-1026 – Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-1026
Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow. Desbordamiento de entero en el compilador de expresiones regulares PCRE (JavaScriptCore/pcre/pcre_compile.cpp) en Apple WebKit, como se utiliza en Safari en versiones anteriores a 3.1.1, permite a atacantes remotos ejecutar código arbitrario a través de expresiones regulares con grandes conteos de repetición anidados, lo que desencadena un desbordamiento de búfer basado en memoria dinámica. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in WebKit. When nesting regular expressions with large repetitions, a heap overflow occurs resulting in a condition allowing the execution of arbitrary code. • http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html http://secunia.com/advisories/29846 http://secunia.com/advisories/31074 http://securityreason.com/securityalert/3815 http://support.apple.com/kb/HT1467 http://www.securityfocus.com/archive/1/490990/100/0/threaded http://www.securityfocus.com/bid/28815 http://www.securitytracker.com/id?1019870 http://www.vupen.com/english/advisories/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 4%CPEs: 19EXPL: 0CVE-2008-0063 – krb5: possible leak of sensitive data from krb5kdc using krb4 request
https://notcve.org/view.php?id=CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." El soporte Kerberos 4 en KDC en MIT Kerberos 5 (krb5kdc) no borra apropiadamente la parte no utilizada de un búfer cuando se genera un mensaje de error, lo que podría permitir a los atacantes remotos obtener información confidencial, también se conoce como "Uninitialized stack values." • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html http://secunia.com/advisories/29420 http://secunia.com/advisories/29423 http://secunia.com/advisories/29424 http://secunia.com/advisories/29428 http://secunia.com/advisories/29435 http://secunia.com/advisories/29438 http://secunia.com/advisories/29450 http://secunia.com/advisories/2 • CWE-908: Use of Uninitialized Resource •
CVSS: 6.8EPSS: 2%CPEs: 4EXPL: 0CVE-2008-0060
https://notcve.org/view.php?id=CVE-2008-0060
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link. Help Viewer en Apple Mac OS X 10.4.11 y 10.5.2, permite a atacantes remotos ejecutar Applescript de su elección a través de la URL help:topic_list, la cual inyecta HTML o JavaScript dentro de una página de listado de topic, tal y como se ha demostrado usando el enlace help:runscript. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28371 http://www.securitytracker.com/id?1019657 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41295 • CWE-94: Improper Control of Generation of Code ('Code Injection') •