CVSS: 7.5EPSS: 9%CPEs: 4EXPL: 0CVE-2006-1456
https://notcve.org/view.php?id=CVE-2006-1456
Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://securitytracker.com/id?1016070 http://www.osvdb.org/25600 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26424 •
CVSS: 5.0EPSS: 10%CPEs: 32EXPL: 1CVE-2006-1984
https://notcve.org/view.php?id=CVE-2006-1984
Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x29-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1452 http://www.vupen. •
CVSS: 5.1EPSS: 2%CPEs: 38EXPL: 1CVE-2006-1985 – Apple Mac OSX 10.x - '.zip' 'BOMStackPop()' Overflow
https://notcve.org/view.php?id=CVE-2006-1985
Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. • https://www.exploit-db.com/exploits/27715 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://securitytracker.com/id?1016082 http://www.osvdb.org/24819 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x25-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 41%CPEs: 32EXPL: 2CVE-2006-1982 – Apple Mac OSX 10.x - LZWDecodeVector '.tiff' Overflow
https://notcve.org/view.php?id=CVE-2006-1982
Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images. Desbodamiento de búfer basado en el montón en la función LZWDecodeVector en Mac OS X anteriores a 10.4.6, como se usa en aplicaciones que utilizan 'ImageIO' o 'AppKit', permite a atacantes remotos ejecutar código de su elección mediante imágenes TIFF artesanales. • https://www.exploit-db.com/exploits/27714 http://docs.info.apple.com/article.html?artnum=303411 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://www.osvdb.org/31837 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x24-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1981
https://notcve.org/view.php?id=CVE-2006-1981
Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen. Vulnerabilidad no especificada en Java InputMethods en Mac OS X 10.4.5 puede causar que InputMethdos envíe eventos de entrada para campos seguros a un campo de texto equivocado, lo que podría revelar la contraseña a otros que pudieran ver la pantalla. º • http://docs.info.apple.com/article.html?artnum=303658 http://www.vupen.com/english/advisories/2006/1398 https://exchange.xforce.ibmcloud.com/vulnerabilities/26167 •