NotCVE - vendor:"Apple" product:"Mac Os X Server" version:" <= 10.6.8"

Page 7 of 786 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2012-0651

https://notcve.org/view.php?id=CVE-2012-0651

The directory server in Directory Service in Apple Mac OS X 10.6.8 allows remote attackers to obtain sensitive information from process memory via a crafted message. El servidor de directorios en el servicio de directorio de Apple Mac OS X v10.6.8 permite a atacantes remotos obtener información sensible de la memoria del proceso a través de un mensaje manipulado. • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://support.apple.com/kb/HT5281 http://www.securityfocus.com/bid/53445 http://www.securityfocus.com/bid/53458 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.9EPSS: 0%CPEs: 140EXPL: 0

CVE-2012-0649

https://notcve.org/view.php?id=CVE-2012-0649

Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file. Condición de carrera en la rutina de inicialización en el Bluetooth en Apple Mac OS X antes de v10.7.4 permite a usuarios locales conseguir privilegios a través de vectores relacionados con un archivo temporal. • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://support.apple.com/kb/HT5281 http://www.securityfocus.com/bid/53445 http://www.securityfocus.com/bid/53456 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.8EPSS: 0%CPEs: 140EXPL: 0

CVE-2012-0654

https://notcve.org/view.php?id=CVE-2012-0654

libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate. libsecurity en Apple Mac OS X antes de v10.7.4 acceda a posiciones de memoria sin inicializar durante la tramitación de los certificados X.509, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un certificado modificado. • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://support.apple.com/kb/HT5281 http://www.securityfocus.com/bid/53445 http://www.securityfocus.com/bid/53471 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 2%CPEs: 140EXPL: 0

CVE-2012-0658

https://notcve.org/view.php?id=CVE-2012-0658

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. Desbordamiento de búffer en QuickTime en Apple Mac OS X antes de v10.7.4 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de tablas de muestra de audio en un archivo de película que es descargado progresivamente. • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/May/msg00005.html http://support.apple.com/kb/HT5261 http://support.apple.com/kb/HT5281 http://www.securityfocus.com/bid/53445 http://www.securityfocus.com/bid/53465 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.4EPSS: 0%CPEs: 140EXPL: 0

CVE-2012-0655

https://notcve.org/view.php?id=CVE-2012-0655

libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within X.509 certificates, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by conducting a spoofing or network-sniffing attack during communication with a site that uses a short key. libsecurity en Apple Mac OS X anteriores a 10.7.4 no restringe apropiadamente la longitud de las claves RSA de certificados X.509, lo que facilita a atacantes remotos evitar los mecanismos de protección criptográfica realizando un ataque de suplantación de identidad ("spoofing") o de captura del tráfico de red ("network-sniffing") durante la comunicación con una página web que utiliza una clave de poca longitud. • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://support.apple.com/kb/HT5281 http://www.securityfocus.com/bid/53445 http://www.securityfocus.com/bid/53462 • CWE-310: Cryptographic Issues •

1...5 6 7 8 9