CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3500
https://notcve.org/view.php?id=CVE-2006-3500
The dynamic linker (dyld) in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability. El enlazador dinámico (dyld) en Apple Mac OS X 10.4.7 permite a usuarios locales ejecutar código de su elección a través de una "condición de manejo incorrecta" que conduce al uso de "parches peligrosos", posiblemente relacionados con una vulnerabilidad del camino de búsqueda no confiable en un fichero. • http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://secunia.com/advisories/21253 http://www.osvdb.org/27738 http://www.securityfocus.com/bid/19289 http://www.us-cert.gov/cas/techalerts/TA06-214A.html http://www.vupen.com/english/advisories/2006/3101 https://exchange.xforce.ibmcloud.com/vulnerabilities/28141 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3504
https://notcve.org/view.php?id=CVE-2006-3504
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari. El validador de descargas en LaunchServices para Apple Mac OS X 10.4.7 puede identificar cierto HTML como "seguro",lo cual podría permitir a atacantes ejecutar código Javascript en un contexto local cuan la opción "Abrir archivos seguros después de la descarga" está habilitada en Safari. • http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://secunia.com/advisories/21253 http://www.osvdb.org/27743 http://www.securityfocus.com/bid/19289 http://www.us-cert.gov/cas/techalerts/TA06-214A.html http://www.vupen.com/english/advisories/2006/3101 https://exchange.xforce.ibmcloud.com/vulnerabilities/28146 •
CVSS: 4.0EPSS: 2%CPEs: 2EXPL: 0CVE-2006-0393
https://notcve.org/view.php?id=CVE-2006-0393
OpenSSH in Apple Mac OS X 10.4.7 allows remote attackers to cause a denial of service or determine account existence by attempting to log in using an invalid user, which causes the server to hang. OpenSSH en Apple Mac OS X 10.4.7 permite a atacantes remotos provocar denegación de servicio o determinar la existencia de cuetas intentando entrar utilizando un usuario no válido, lo cual hace que el servidor se cuelgue. • http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://secunia.com/advisories/21253 http://securitytracker.com/id?1016672 http://www.osvdb.org/27745 http://www.securityfocus.com/bid/19289 http://www.us-cert.gov/cas/techalerts/TA06-214A.html http://www.vupen.com/english/advisories/2006/3101 https://exchange.xforce.ibmcloud.com/vulnerabilities/28147 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2006-0392
https://notcve.org/view.php?id=CVE-2006-0392
Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image. Desbordamiento de búger en Apple Mac OS X 10.4.7 permite a atacantes con la intervención del usuario provocar denegación de servicio (caida de aplicación) y posiblemente ejecutar código de su elección a través de una imagen Canon RAW manipulada. • http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://secunia.com/advisories/21253 http://www.kb.cert.org/vuls/id/527236 http://www.osvdb.org/27739 http://www.securityfocus.com/bid/19289 http://www.us-cert.gov/cas/techalerts/TA06-214A.html http://www.vupen.com/english/advisories/2006/3101 https://exchange.xforce.ibmcloud.com/vulnerabilities/28142 •
CVSS: 7.5EPSS: 4%CPEs: 4EXPL: 0CVE-2006-3505
https://notcve.org/view.php?id=CVE-2006-3505
WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated. WebKit en Apple Mac OS X 10.3.9 y 10.4.7 permite a atacantes remotos provocar denegación de servicio (caida) y posiblemente ejecutar código de su elección a través de documentos HTML manipulados que provocan que WebKit acceda a un objeto que se ha desasignado ya. • http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://secunia.com/advisories/21253 http://www.kb.cert.org/vuls/id/566132 http://www.osvdb.org/27744 http://www.securityfocus.com/bid/19289 http://www.us-cert.gov/cas/techalerts/TA06-214A.html http://www.vupen.com/english/advisories/2006/3101 https://exchange.xforce.ibmcloud.com/vulnerabilities/28149 •