CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0014
https://notcve.org/view.php?id=CVE-2009-0014
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder. Folder Manager en Apple Mac OS X 10.5.6 usa permisos inseguros por defecto cuando recrea un carpeta Downloads después de que ha sido borrada, lo que permite a los usuarios evitar las restricciones de acceso y lee la carpeta Downloads. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.securityfocus.com/bid/33820 http://www.vupen.com/english/advisories/2009/0422 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2009-0019
https://notcve.org/view.php?id=CVE-2009-0019
Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access. Remote Apple Events en Apple Mac OS X v10.4.11 y v10.5.6 que permite a los atacantes remotos causar una denegación de servicios (terminación de la aplicación) u obtener información sensible a través de vectores no especificados que lanzan un acceso a memoria fuera de rango. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.securityfocus.com/bid/33814 http://www.vupen.com/english/advisories/2009/0422 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-0018
https://notcve.org/view.php?id=CVE-2009-0018
The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory. The Remote Apple Events server en Apple Mac OS X 10.4.11 y 10.5.6 no inicializa apropiadamente un búfer, lo cual permite a los atacantes remotos leer porciones de memoria. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.securityfocus.com/bid/33816 http://www.vupen.com/english/advisories/2009/0422 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2009-0017
https://notcve.org/view.php?id=CVE-2009-0017
csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow. csregprinter en el componente Printing de Apple Mac OS X v10.4.11 y v10.5.6, no maneja adecuadamente las condiciones de error, esto permite a usuarios locales ejecutar código de su elección a través de vectores desconocidos que provocan un desbordamiento del búfer basado en montículo. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.securityfocus.com/bid/33811 http://www.vupen.com/english/advisories/2009/0422 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0142
https://notcve.org/view.php?id=CVE-2009-0142
Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic." Condición de carrera en AFP Server de Apple Mac OS X v10.5.6, permite a usuarios locales provocar una denegación de servicio (bucle infinito) a través de vectores no especificados relacionados con "lógica en la enumeración de ficheros". • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://secunia.com/advisories/33937 http://support.apple.com/kb/HT3438 http://www.securityfocus.com/bid/33759 http://www.securityfocus.com/bid/33812 http://www.vupen.com/english/advisories/2009/0422 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •