CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2007-2403
https://notcve.org/view.php?id=CVE-2007-2403
CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. CFNetwork en Apple Mac OS X 10.3.9 y 10.4.10 no valida adecuadamente URIs ftp:, lo cual permite a atacantes remotos provocar la transmisión de comandos FTP de su elección mediante servidores FTP de su elección. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://securitytracker.com/id?1018491 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35721 •
CVSS: 6.8EPSS: 4%CPEs: 3EXPL: 0CVE-2007-2406
https://notcve.org/view.php?id=CVE-2007-2406
Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. Quartz Composer en Apple Mac OS X 10.4.10 no inicializa cierto punto a objeto, lo cual podría permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un fichero Quartz Composer manipulado artesanalmente. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35737 •
CVSS: 6.8EPSS: 3%CPEs: 5EXPL: 0CVE-2007-3745
https://notcve.org/view.php?id=CVE-2007-3745
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code. La interfaz Java para CoreAudio en Apple Mac OS X 10.3.9 y 10.4.10 contiene una interfaz no segura que es expuesta por JDirect, lo cual permite a atacantes remotos liberar memoria de su elección y por tanto ejecutar código arbitrario. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://securitytracker.com/id?1018492 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35725 •
CVSS: 4.0EPSS: 1%CPEs: 5EXPL: 0CVE-2007-2407
https://notcve.org/view.php?id=CVE-2007-2407
The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. El servidor Samba en Apple Mac OS X 10.3.9 y 10.4.10, cuando la compartición de archivos Windows está habilitada, no impone quotas de disco tras borrar privilegios, lo cual permite a usuarios remotos autenticados utilizar espacio de disco que excede la quota. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35738 •
CVSS: 5.8EPSS: 6%CPEs: 22EXPL: 0CVE-2007-3744
https://notcve.org/view.php?id=CVE-2007-3744
Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet. Desbordamiento de búfer en la región heap de la memoria en la implementación uPnP IGD (Internet Gateway Device Standardized Device Control Protocol) en mDNSResponder en Apple Mac OS X versión 10.4.10 anterior a 20070731, permite a atacantes remotos adyacentes a la red ejecutar código arbitrario por medio de un paquete diseñado. • http://docs.info.apple.com/article.html?artnum=306172 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=573 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.securitytracker.com/id?1018488 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35733 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •