CVSS: 6.9EPSS: 0%CPEs: 4EXPL: 0CVE-2008-0998
https://notcve.org/view.php?id=CVE-2008-0998
Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4.11 and 10.5.2 allows local users to bypass authorization and execute arbitrary code via crafted distributed objects. Vulnerabilidad sin especificar de NetCfgTool en el componente de configuración de sistema en Apple Mac OS X 10.4.11 y 10.5.2, permite a usuarios locales saltarse la autorización y ejecutar código de elección a través de objetos distribuidos manipulados. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28385 http://www.securitytracker.com/id?1019674 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41281 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 1.7EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0996
https://notcve.org/view.php?id=CVE-2008-0996
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials. El componente Printing en Apple Mac OS X 10.5.2 puede guardar las credenciales de autenticación en el disco cuando empieza una tarea en una cola de impresión autenticada, esto puede permitir a los usuarios locales obtener estos credenciales. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28344 http://www.securitytracker.com/id?1019667 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41284 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-255: Credentials Management Errors •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0989
https://notcve.org/view.php?id=CVE-2008-0989
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname. Vulnerabilidad de formato de cadena en mDNSResponderHelper en Apple Mac OS X 10.5.2, permite a usuarios locales ejecutar código de su elección a través de especificadores de formatos de cadena en el hostname local. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28339 http://www.securitytracker.com/id?1019662 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41292 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-0992
https://notcve.org/view.php?id=CVE-2008-0992
Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value. Error en el índice de matriz de pax en Apple Mac OS X 10.5.2 permite a atacantes remotos dependientes del contexto ejecutar código de su elección a través de un archivo con un valor de tamaño manipulado. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28365 http://www.securitytracker.com/id?1019673 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41288 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0046
https://notcve.org/view.php?id=CVE-2008-0046
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions. La Application Firewall en Apple Mac OS X 10.5.2 tiene una traducción al alemán incorrecta para el botón de radio "Permitir acceso para servicios y aplicaciones concretas" -Set access for specific services and applications- lo que puede provocar que el usuario crea que el botón sirve para restringir el acceso sólo a determinados servicios y aplicaciones; esto puede permitir a los atacantes evitar las restricciones de acceso pretendidas. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28368 http://www.securitytracker.com/id?1019658 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41317 • CWE-264: Permissions, Privileges, and Access Controls •