CVSS: 6.8EPSS: 4%CPEs: 3EXPL: 0CVE-2007-2406
https://notcve.org/view.php?id=CVE-2007-2406
Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might allow user-assisted remote attackers to execute arbitrary code via a crafted Quartz Composer file. Quartz Composer en Apple Mac OS X 10.4.10 no inicializa cierto punto a objeto, lo cual podría permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un fichero Quartz Composer manipulado artesanalmente. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35737 •
CVSS: 4.0EPSS: 1%CPEs: 5EXPL: 0CVE-2007-2407
https://notcve.org/view.php?id=CVE-2007-2407
The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does not enforce disk quotas after dropping privileges, which allows remote authenticated users to use disk space in excess of quota. El servidor Samba en Apple Mac OS X 10.3.9 y 10.4.10, cuando la compartición de archivos Windows está habilitada, no impone quotas de disco tras borrar privilegios, lo cual permite a usuarios remotos autenticados utilizar espacio de disco que excede la quota. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35738 •
CVSS: 6.8EPSS: 3%CPEs: 42EXPL: 0CVE-2007-3746
https://notcve.org/view.php?id=CVE-2007-3746
The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bounds of heap read and write operations, which allows remote attackers to execute arbitrary code via a crafted applet. La interfaz Java de CoreAudio en Apple Mac OS X 10.3.9 y 10.4.10 no comprueba adecuadamente los límites de las operaciones de lectura y escritura del montículo, lo cual permite a atacantes remotos ejecutar código de su elección mediante un applet manipulado. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://securitytracker.com/id?1018492 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35727 •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2007-2410
https://notcve.org/view.php?id=CVE-2007-2410
WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks. WebCore en Apple Mac OS X 10.3.9 y 10.4.10 retine propiedades de determinado objetos globales cuando se visita un nuevo URL en la misma ventana, lo cual permite a atacantes remotos conducir ataques de secuencias de comandos en sitios cruzados (XSS). • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://securitytracker.com/id?1018494 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35743 •
CVSS: 4.3EPSS: 1%CPEs: 5EXPL: 0CVE-2007-2409
https://notcve.org/view.php?id=CVE-2007-2409
Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers to obtain sensitive information via a popup window, which is able to read the current URL of the parent window. Vulnerabilidad de dominio cruzado en WebCores de Apple Mac OS X 10.3.9 y 10.4.10 permite a atacantes remotos obtener información sensible a través de una ventana emergente, la cual es capaz de leer el URL actual de la ventana padre. • http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/26235 http://securitytracker.com/id?1018494 http://www.securityfocus.com/bid/25159 http://www.vupen.com/english/advisories/2007/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/35740 •