Page 61 of 317 results (0.009 seconds)

CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0

The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF file, which makes it easier for attackers to decrypt the file via brute force methods. El componente Printing (Impresión) en Apple Mac OS X 10.5.2 utiliza un RC4 de 40 bits cuando imprime un archivo PDF encriptado, lo que facilita a los atacantes descifrar el archivo a través de métodos de fuerza bruta. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28387 http://www.securitytracker.com/id?1019667 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41287 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

Apple Mac OS X 10.5.2 allows user-assisted attackers to cause a denial of service (crash) via a crafted Universal Disc Format (UDF) disk image, which triggers a NULL pointer dereference. Apple Mac OS X 10.5.2 permite a atacantes con la ayuda del usuario provocar una denegación de servicio (caída) a través de una imagen de disco manipulada de un Formato de Disco Universal (Universal Disc Format - UDF) que induce una referencia a un puntero nulo. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28389 http://www.securitytracker.com/id?1019669 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41280 • CWE-20: Improper Input Validation •

CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 1

Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments. Vulnerabilidad de salto de directorio deContentServer.py en the Wiki Server en Apple Mac OS X 10.5.2 (Leopard), permite a usuarios autenticados remotamente escribir ficheros de su elección a través de secuencias ".." en los ficheros adjuntos. • https://www.exploit-db.com/exploits/31412 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=2189 http://www.securityfocus.com/archive/1/489786/100/0/threaded http://www.securityfocus.com/bid/28278 http://www.securitytracker.com/id?1019660 http://www.vupen.com/english/advisories/2008/0924/references • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings. Podcast Capture en Podcast Producer de Apple Mac OS X 10.5.2, invoca una subtarea con contraseñas en argumentos de línea de comandos, esto permite a usuarios locales leer las contraseñas mediante listados de procesos. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28372 http://www.securitytracker.com/id?1019664 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 86%CPEs: 3EXPL: 0

Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. Un desbordamiento de búfer en la región heap de la memoria en la función cgiCompileSearch en CUPS versión 1.3.5 y otras versiones incluyendo la versión incorporada con Apple Mac OS X versión 10.5.2, cuando el uso compartido de impresoras está habilitado, permite a los atacantes remotos ejecutar código arbitrario por medio de expresiones de búsqueda diseñadas. • http://docs.info.apple.com/article.html?artnum=307562 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=674 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00005.html http://secunia.com/advisories/29420 http://secunia.com/advisories/29431 http://secunia.com/advisories/29448 http://secunia.com/advisories/29485 http://secunia.com/advisories/29573 http://secunia.com/advisories/29603 h • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •