Page 63 of 603 results (0.004 seconds)

CVSS: 7.5EPSS: 4%CPEs: 19EXPL: 0

CVE-2008-0063 – krb5: possible leak of sensitive data from krb5kdc using krb4 request

https://notcve.org/view.php?id=CVE-2008-0063

The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." El soporte Kerberos 4 en KDC en MIT Kerberos 5 (krb5kdc) no borra apropiadamente la parte no utilizada de un búfer cuando se genera un mensaje de error, lo que podría permitir a los atacantes remotos obtener información confidencial, también se conoce como "Uninitialized stack values." • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html http://secunia.com/advisories/29420 http://secunia.com/advisories/29423 http://secunia.com/advisories/29424 http://secunia.com/advisories/29428 http://secunia.com/advisories/29435 http://secunia.com/advisories/29438 http://secunia.com/advisories/29450 http://secunia.com/advisories/2 • CWE-908: Use of Uninitialized Resource •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-0055

https://notcve.org/view.php?id=CVE-2008-0055

Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges. Foundation en Apple Mac OS X 10.4.11 crea directorios "world-writable" mientras NSFileManager copia archivos progresivamente y modifica los permisos después, esto permite a usuarios locales modificar los archivos copiados lo que provoca una denegación de servicio y posiblemente, una elevación de privilegios. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28343 http://www.securitytracker.com/id?1019649 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41299 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.8EPSS: 9%CPEs: 2EXPL: 0

CVE-2008-0058

https://notcve.org/view.php?id=CVE-2008-0058

Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object. Condición de carrera en la funcionalidad de gestión de cache NSURLConnection en Foundation de Apple Mac OS X 10.4.11, permite a atacantes remotos ejecutar código de su elección a través de manipulaciones no especificadas que provocan que los mensajes sean enviados a un objeto no asignado. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28359 http://www.securitytracker.com/id?1019650 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41297 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-0994

https://notcve.org/view.php?id=CVE-2008-0994

Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. Preview en Apple Mac OS X 10.5.2 utiliza RC4 de 40 bits cuando guarda un archivo PDF encriptado, lo que facilita que atacantes remotos puedan descifrar el archivo a través de métodos de fuerza bruta. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28386 http://www.securitytracker.com/id?1019665 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41276 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 1.7EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-0996

https://notcve.org/view.php?id=CVE-2008-0996

The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk when starting a job on an authenticated print queue, which might allow local users to obtain the credentials. El componente Printing en Apple Mac OS X 10.5.2 puede guardar las credenciales de autenticación en el disco cuando empieza una tarea en una cola de impresión autenticada, esto puede permitir a los usuarios locales obtener estos credenciales. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28344 http://www.securitytracker.com/id?1019667 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41284 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-255: Credentials Management Errors •