CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 0CVE-2007-0732
https://notcve.org/view.php?id=CVE-2007-0732
Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port." Vulnerabilidad no especificada en el demonio CoreServices en CarbonCore en Apple Mac OS X 10.4 hasta 10.4.9 permite a usuarios locales ganar privilegios a través de vectores no especificados afectando a "la obtención del envío correcto en el puerto de la tarea Mach". • http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://secunia.com/advisories/24966 http://www.osvdb.org/34859 http://www.securityfocus.com/bid/23569 http://www.securitytracker.com/id?1017942 http://www.us-cert.gov/cas/techalerts/TA07-109A.html http://www.vupen.com/english/advisories/2007/1470 •
CVSS: 6.8EPSS: 2%CPEs: 77EXPL: 0CVE-2007-1884
https://notcve.org/view.php?id=CVE-2007-1884
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location. Errores múltiples en signo de entero en la familia de funciones printf en PHP 4 versiones anteriores a 4.4.5 y PHP 5 versiones anteriores a 5.2.1 en arquitecturas de 64 bits permite a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante (1) argumentos numéricos negativos concretos que aparecen en la función php_formatted_print debido al truncamiento de 64 a 32 bits, y evitar una comprobación del máximo valor permitido; y (2) una longitud y precisión de -1, lo cual hace posible a la función php_sprintf_appendstring situar un búfer interno en una posición de memoria de su elección. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 http://secunia.com/advisories/25423 http://secunia.com/advisories/25850 http://www.osvdb.org/33955 http://www.osvdb.org/34767 http://www.php-security.org/MOPB/MOPB-38-2007.html http://www.php.net/releases/5_2_1.php http://www.securityfocus.com/bid/23219 http://www.vupen.com/ •
CVSS: 8.5EPSS: 1%CPEs: 20EXPL: 0CVE-2007-0723
https://notcve.org/view.php?id=CVE-2007-0723
Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors. Vulnerabilidad no especificada en la característica de autenticación de DirectoryService (DS Plug-Ins) para Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 permite a usuarios LDAP remotos autenticados modificar la contraseña de root y obtener privilegios mediante vectores no especificados. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.kb.cert.org/vuls/id/557064 http://www.osvdb.org/34848 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017751 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 •
CVSS: 9.3EPSS: 1%CPEs: 18EXPL: 0CVE-2007-0731
https://notcve.org/view.php?id=CVE-2007-0731
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. Desbordamiento de búfer basado en pila en el módulo de Samba específico de Apple (SMB File Server) en Apple Mac OS X 10.4 hasta 10.4.8 permite a atacantes dependientes del contexto ejecutar código de su elección mediante una lista de control de acceso (ACL) larga. • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://www.osvdb.org/34852 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017754 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0930 https://exchange.xforce.ibmcloud.com/vulnerabilities/32979 •
CVSS: 6.9EPSS: 0%CPEs: 19EXPL: 0CVE-2007-0724
https://notcve.org/view.php?id=CVE-2007-0724
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console. El interfaz IOKit HID en Apple Mac OS X 10.3.9 y 10.4 hasta 10.4.8 no limita lo suficiente el acceso a ciertos controles, lo cual permite a usuarios locales obtener privilegios utilizando eventos de dispositivo HID para leer pulsaciones de teclado desde la consola. • http://docs.info.apple.com/article.html?artnum=305214 http://docs.info.apple.com/article.html?artnum=305391 http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://secunia.com/advisories/24966 http://www.osvdb.org/34855 http://www.securityfocus.com/bid/22948 http://www.securitytracker.com/id?1017751 http://www.securitytracker.com/id?1017942 http:&# •