Page 69 of 606 results (0.009 seconds)

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API. Desbordamiento de búfer basado en pila en AppKit de Apple Mac OS X 10.4.11 permite a atacantes dependientes del contexto ejecutar código de su elección a través de un nombre de archivo largo a la API NSDocument. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28388 http://www.securitytracker.com/id?1019647 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41315 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0

AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for inter-process communication instead of inter-thread communication, which allows local users to execute arbitrary code via crafted messages to privileged applications. AppKit en Apple Mac OS X versión 10.4.11, inadvertidamente realiza una habilitación de un puerto mach NSApplication para la comunicación entre procesos en lugar de la comunicación entre subprocesos (hilos), lo que permite a los usuarios locales ejecutar código arbitrario por medio de mensajes diseñados a aplicaciones privilegiadas. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28340 http://www.securitytracker.com/id?1019647 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41314 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 9%CPEs: 2EXPL: 0

Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list. Múltiples desbordamientos de enteros en un analizador de "legacy serialization format" en AppKit en Apple Mac OS X versión 10.4.11, permite a los atacantes remotos ejecutar código arbitrario por medio de una lista de propiedades serializadas. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28358 http://www.securitytracker.com/id?1019648 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41298 • CWE-189: Numeric Errors •

CVSS: 6.8EPSS: 2%CPEs: 198EXPL: 0

A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting. Cierto algoritmo generador de números pseudo-aleatorios(PRNG) que usa ADD con 0 saltos aleatorios(también conocido como "algoritmo A0"), usado en OpenBSD de la v3.5 a la 4.2 y NetBSD v1.6.2 a la 4.0, permite a atacantes remotos adivinar datos sensibles como (1)los IDs de una transacción DNS, (2)IDs de una fragmentación IP observando una secuencias generadas previamente. NOTA: este fallo puede ser aprovechado por ataques como el envenenamiento de la cachés DNS, la inyección de paquetes TCP y OS fingerprinting. • http://secunia.com/advisories/28819 http://www.securiteam.com/securityreviews/5PP0H0UNGW.html http://www.securityfocus.com/archive/1/487658 http://www.securityfocus.com/bid/27647 http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/40329 https://exchange.xforce.ibmcloud.com/vulnerabilities/41157 •

CVSS: 6.8EPSS: 1%CPEs: 198EXPL: 0

A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting. Cierto algoritmo generador de números pseudo-aleatorios(PRNG) que usa XOR y alterna en saltos de 2-bit (también conocido com o"algoritmo X2"), usado en OpenBSD de la v2.6 a la 3.4, Mac OS X de la v10 a a 10.5.1, FreeBSD 4.4 a la 7.0 y DragonFlyBSD 1.0 a la 1.10.1, permite a atacantes remotos adivinar datos sensibles como los IDs de una fragmentación IP observando una secuencia generada previamente. NOTA: este fallo puede ser aprovechado por ataques como la inyección de paquetes TCP y OS fingerprinting. • http://seclists.org/bugtraq/2008/Feb/0052.html http://seclists.org/bugtraq/2008/Feb/0063.html http://secunia.com/advisories/28819 http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype= http://www.securiteam.com/securityreviews/5PP0H0UNGW.html http://www.securityfocus.com/archive/1/487658 http://www.securityfocus.com/bid/27647 http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf https://e •