Page 82 of 777 results (0.007 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure world-writable permissions, which allows local users to write to the Xterm of another user. XTerm en Apple Mac OS X v10.4.11 y v10.5.6, cuando usado con luit, crea dispositivos tty con permisos inseguros de escritura, el cual permite a los usuarios locales escribir a el Xterm de otro usuario. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://securitytracker.com/alerts/2009/Feb/1021729.html http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33798 http://www.vupen.com/english/advisories/2009/0422 https://exchange.xforce.ibmcloud.com/vulnerabilities/48727 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory. The Remote Apple Events server en Apple Mac OS X 10.4.11 y 10.5.6 no inicializa apropiadamente un búfer, lo cual permite a los atacantes remotos leer porciones de memoria. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.securityfocus.com/bid/33816 http://www.vupen.com/english/advisories/2009/0422 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information. dscl en DS Tools den Apple Mac OS X v10.4.11 y v10.5.6, requiere que la contraseña sea proporcionada como argumentos de la línea de comandos, esto permite a usuarios locales ganar privilegios al listar información de los procesos. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://securitytracker.com/alerts/2009/Feb/1021722.html http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.securityfocus.com/bid/33815 http://www.vupen.com/english/advisories/2009/0422 https://exchange.xforce.ibmcloud.com/vulnerabilities/48717 • CWE-255: Credentials Management Errors •

CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0

Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption. Vulnerabilidad no especificada en Pixlet codec en Apple Mac OS X v10.4.11 y v10.5.6 que permite a los atacantes remotos causar una denegación de servicios (terminación de la aplicación) y posiblemente una ejecución arbitraria de código a través de archivos de vídeo manipuladas que lanzan una corrupción de memoria. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://osvdb.org/51980 http://secunia.com/advisories/33937 http://securitytracker.com/alerts/2009/Feb/1021718.html http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.vupen.com/english/advisories/2009/0422 https://exchange.xforce.ibmcloud.com/vulnerabilities/48713 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow. Desbordamiento de entero en el componente SMB en Apple Mac OS X v10.5.6 que permite a los servidores remotos SMB causar una denegación de servicios (caída del sistema) o ejecutar arbitrariamente código a través de archivos de sistemas SMB manipulados que lanzan un un desbordamiento de búfer basado en pila. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.vupen.com/english/advisories/2009/0422 • CWE-189: Numeric Errors •