CVE-2008-3647
https://notcve.org/view.php?id=CVE-2008-3647
Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment. Desbordamiento de búfer en PSNormalizer en Mac OS X v10.4.11 y v10.5.5 permite a atacantes remotos provocar una denegación de servicio (finalización de la aplicación) y ejecutar código de su elección mediante un fichero PostScript con un comentario manipulado en un elemento "bounding box". • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31719 http://www.securitytracker.com/id?1021026 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45783 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-3642
https://notcve.org/view.php?id=CVE-2008-3642
Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile. Desbordamiento de búfer en ColorSync en Mac OS X 10.4.11 y 10.5.5 que permite a los atacantes remotos causar una denegación de servicios (terminación de la aplicación) y posiblemente ejecutar arbitrariamente código a través de una imagen o un perfil ICC manipulado. • http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://secunia.com/advisories/32706 http://support.apple.com/kb/HT3216 http://support.apple.com/kb/HT3298 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31715 http://www.securitytracker.com/id?1021023 http://www.vupen.com/english/advisories/2008/2780 https://exchang • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-4214
https://notcve.org/view.php?id=CVE-2008-4214
Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files. Vulnerabilidad no especificada en el editor de scripts de Mac OS X v10.4.11 y v10.5.5 que permite a usuarios locales producir que el diccionario de scripts se escriba en lugares arbitrarios, relacionado con una "operación insegura de fichero" en los ficheros temporales. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31716 http://www.securitytracker.com/id?1021029 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45786 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4215
https://notcve.org/view.php?id=CVE-2008-4215
Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions. Vulnerabilidad en la lista de control de acceso a publicación de el Weblog en el servidor Mac OS X v10.4.11 que no comprueba adecuadamente cuando un usuario posee múltiples nombres cortos que permite a los atacantes evitar las restricciones de seguridad. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31718 http://www.securitytracker.com/id?1021030 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45787 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4212
https://notcve.org/view.php?id=CVE-2008-4212
Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions. Vulnerabilidad sin especificar en rlogind en el componente rlogin en Mac OS X v10.4.11 v10.5.5 aplica entradas hosts.equiv a root a pesar de que en la documentación se indica que podría permitir a atacantes remotos evitar las restricciones de acceso establecidas. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31681 http://www.securityfocus.com/bid/31708 http://www.securitytracker.com/id?1021028 http://www.vupen.com/english/advisories/2008/2780 https://exchange.xforce.ibmcloud.com/vulnerabilities/45785 • CWE-16: Configuration •