Page 60 of 444 results (0.011 seconds)

CVSS: 5.0EPSS: 10%CPEs: 32EXPL: 1

Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/19686 http://secunia.com/advisories/20077 http://www.security-protocols.com/modules.php?name=News&file=article&sid=3233 http://www.security-protocols.com/sp-x29-advisory.php http://www.securityfocus.com/bid/17634 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1452 http://www.vupen. •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. Vulnerabilidad no especificada en Mac OS X anteriores a 10.4.6, cuando se ejecuta en un ordenador basado en Intel, permite a atacantes con acceso físico saltarse la contraseña 'firmware' e iniciar sesión en Modo De Un Usuario mediante vectores no especificados. • http://docs.info.apple.com/article.html?artnum=303567 http://secunia.com/advisories/19462 http://securitytracker.com/id?1015859 http://www.osvdb.org/24399 http://www.securityfocus.com/bid/17364 http://www.vupen.com/english/advisories/2006/1215 https://exchange.xforce.ibmcloud.com/vulnerabilities/25620 •

CVSS: 5.0EPSS: 5%CPEs: 25EXPL: 0

Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". • http://drunkenblog.com/drunkenblog-archives/000760.html http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://secunia.com/advisories/20077 http://www.osvdb.org/25597 http://www.securityfocus.com/bid/17321 http://www.securityfocus.com/bid/17951 http://www.us-cert.gov/cas/techalerts/TA06-132A.html http://www.vupen.com/english/advisories/2006/1779 https://exchange.xforce.ibmcloud.com/vulnerabilities/26412 • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0

Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. • http://docs.info.apple.com/article.html?artnum=303453 http://lists.apple.com/archives/security-announce/2006/Mar/msg00001.html http://secunia.com/advisories/19129 http://securitytracker.com/id?1015760 http://www.osvdb.org/23871 http://www.vupen.com/english/advisories/2006/0949 https://exchange.xforce.ibmcloud.com/vulnerabilities/25269 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." • http://docs.info.apple.com/article.html?artnum=303453 http://lists.apple.com/archives/security-announce/2006/Mar/msg00001.html http://secunia.com/advisories/19129 http://securitytracker.com/id?1015763 http://www.osvdb.org/23873 http://www.securityfocus.com/bid/17082 http://www.vupen.com/english/advisories/2006/0949 https://exchange.xforce.ibmcloud.com/vulnerabilities/25208 •