CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2006-5327
https://notcve.org/view.php?id=CVE-2006-5327
17 Oct 2006 — Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase. Vulnerabilidad de ruta de búsqueda en un fichero no confiable en OpenBase SQL 10.0 y anteriores, al usarlo en Apple Xcode 2.2 y anteriores y po... • http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2006-5328
https://notcve.org/view.php?id=CVE-2006-5328
17 Oct 2006 — OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file. OpenBase SQL 10.0 y anteriores, al usarlo en Apple Xcode 2.2 y anteriores y posiblemente otros productos, permite a usuarios locales crear archivos de su elección mediante un ataque de enlace simbólico en el fichero simulation.sql. • http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2006-1466
https://notcve.org/view.php?id=CVE-2006-1466
24 May 2006 — Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service. • http://lists.apple.com/archives/security-announce/2006/May/msg00004.html •
CVSS: 9.8EPSS: 91%CPEs: 2EXPL: 5CVE-2004-2687 – DistCC Daemon - Command Execution
https://notcve.org/view.php?id=CVE-2004-2687
31 Dec 2004 — distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. • https://www.exploit-db.com/exploits/9915 • CWE-16: Configuration •