CVSS: 6.9EPSS: 0%CPEs: 4EXPL: 0CVE-2008-0998
https://notcve.org/view.php?id=CVE-2008-0998
Unspecified vulnerability in NetCfgTool in the System Configuration component in Apple Mac OS X 10.4.11 and 10.5.2 allows local users to bypass authorization and execute arbitrary code via crafted distributed objects. Vulnerabilidad sin especificar de NetCfgTool en el componente de configuración de sistema en Apple Mac OS X 10.4.11 y 10.5.2, permite a usuarios locales saltarse la autorización y ejecutar código de elección a través de objetos distribuidos manipulados. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28385 http://www.securitytracker.com/id?1019674 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41281 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.8EPSS: 1%CPEs: 4EXPL: 0CVE-2008-0044
https://notcve.org/view.php?id=CVE-2008-0044
Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL. Múltiples Desbordamientos de búfer de AFP Client en Apple Mac OS X 10.4.11 y 10.5.2, que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) y ejecutar código de su elección a través de una URL afp:// manipulada. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28320 http://www.securitytracker.com/id?1019640 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41319 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0CVE-2008-0997
https://notcve.org/view.php?id=CVE-2008-0997
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is not properly handled when querying a network printer. Desbordamiento de búfer basado en pila de AppKit en Apple Mac OS X 10.4.11, permite a atacantes remotos ayudados por el usuario provocar una denegación de servicio (caída de aplicación) y ejecutar código de su elección a través de un archivo PostScript Printer Description (PPD) manipulado que no se encuentra manejado adecuadamente en una petición de una impresora de red. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28364 http://www.securitytracker.com/id?1019648 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41282 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0048
https://notcve.org/view.php?id=CVE-2008-0048
Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API. Desbordamiento de búfer basado en pila en AppKit de Apple Mac OS X 10.4.11 permite a atacantes dependientes del contexto ejecutar código de su elección a través de un nombre de archivo largo a la API NSDocument. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28388 http://www.securitytracker.com/id?1019647 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41315 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0046
https://notcve.org/view.php?id=CVE-2008-0046
The Application Firewall in Apple Mac OS X 10.5.2 has an incorrect German translation for the "Set access for specific services and applications" radio button that might cause the user to believe that the button is used to restrict access only to specific services and applications, which might allow attackers to bypass intended access restrictions. La Application Firewall en Apple Mac OS X 10.5.2 tiene una traducción al alemán incorrecta para el botón de radio "Permitir acceso para servicios y aplicaciones concretas" -Set access for specific services and applications- lo que puede provocar que el usuario crea que el botón sirve para restringir el acceso sólo a determinados servicios y aplicaciones; esto puede permitir a los atacantes evitar las restricciones de acceso pretendidas. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28368 http://www.securitytracker.com/id?1019658 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41317 • CWE-264: Permissions, Privileges, and Access Controls •