NotCVE - vendor:"Apple" product:"Mac Os X Server" version:" <= 10.5.5"

Page 60 of 606 results (0.011 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-1571

https://notcve.org/view.php?id=CVE-2008-1571

Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. Una vulnerabilidad de salto de directorio en el servidor web incorporado en Image Capture en Apple Mac OS X versiones anteriores a 10.5, permite a los atacantes remotos leer archivos arbitrarios por medio de secuencias de salto de directorio en el URI. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020141 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29501 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42718 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

CVE-2008-1579

https://notcve.org/view.php?id=CVE-2008-1579

Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. Wiki Server en Apple Mac OS X versiones 10.5 anteriores a 10.5.3, permite a los atacantes remotos obtener información confidencial (nombres de usuario) mediante la lectura del mensaje de error producido al acceder a un blog inexistente. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020143 http://www.securityfocus.com/bid/29412 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42727 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 6%CPEs: 8EXPL: 0

CVE-2008-1577

https://notcve.org/view.php?id=CVE-2008-1577

Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file, related to "multiple memory corruption issues." Una vulnerabilidad no especificada en el códec Pixlet en Apple Pixlet Video en Apple Mac OS X versiones anteriores a 10.5.3, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de un archivo de película especialmente diseñado, relacionado con "multiple memory corruption issues." • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020132 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29489 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42706 •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-1572

https://notcve.org/view.php?id=CVE-2008-1572

Image Capture in Apple Mac OS X before 10.5 does not properly use temporary files, which allows local users to overwrite arbitrary files, and display images that are being resized by this application. Image Capture en Apple Mac OS X versiones anteriores a 10.5, no utiliza apropiadamente los archivos temporales, lo que permite a los usuarios locales sobrescribir archivos arbitrarios y desplegar imágenes que están siendo redimensionadas por ésta aplicación. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020141 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29521 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42719 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2008-1036 – ICU: Invalid character sequences omission during conversion of some character encodings (XSS attack possible)

https://notcve.org/view.php?id=CVE-2008-1036

The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. La biblioteca International Components for Unicode (ICU) en Apple Mac OS X versiones anteriores a 10.5.3, Red Hat Enterprise Linux versión 5 y otros sistemas operativos, omite algunas secuencias de caracteres no válidas durante la conversión de algunas codificaciones de caracteres, lo que podría permitir a los atacantes remotos conducir ataques de tipo cross-site scripting (XSS). • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://secunia.com/advisories/34290 http://secunia.com/advisories/34777 http://securitytracker.com/id?1020139 http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0064 http://www.debian.org/security/2009/dsa-1762 http://www.redhat.com/support/errata/RHSA-2009-0296.html http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29488 http://www.ubuntu • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...58 59 60 61 62