CVSS: 2.1 • EPSS: 0% • CPEs: 10 • EXPL: 0

Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://secunia.com/advisories/31882 http://securitytracker.com/id?1020884 http://www.securityfocus.com/bid/31189 http://www.us-cert.gov/cas/techalerts/TA08-260A.html http://www.vupen.com/english/advisories/2008/2584 https://exchange.xforce.ibmcloud.com/vulnerabilities/45176 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 4.9 • EPSS: 0% • CPEs: 6 • EXPL: 0

slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "insecure file operation issue." • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://secunia.com/advisories/31882 http://securitytracker.com/id?1020874 http://www.securityfocus.com/bid/31189 http://www.us-cert.gov/cas/techalerts/TA08-260A.html http://www.vupen.com/english/advisories/2008/2584 https://exchange.xforce.ibmcloud.com/vulnerabilities/45164 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 9.3 • EPSS: 3% • CPEs: 12 • EXPL: 0

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names." • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://secunia.com/advisories/31882 http://securitytracker.com/id?1020873 http://www.securityfocus.com/bid/31189 http://www.us-cert.gov/cas/techalerts/TA08-260A.html http://www.vupen.com/english/advisories/2008/2584 https://exchange.xforce.ibmcloud.com/vulnerabilities/45162 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 4.3 • EPSS: 2% • CPEs: 37 • EXPL: 0

Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00000.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html http://secunia.com/advisories/31821 http://secunia.com/advisories/32121 http://securitytracker.com/id?1020841 http://support.apple.com/kb/HT3027 http://support.apple.com/kb/HT3189 http://www.securityfocus.com/bid/31086 http://www.securityfocus.com/bid/31548 http://www.vupen.com/english/advisories/2008/2527 http://www.vupen • CWE-399: Resource Management Errors

CVSS: 2.6 • EPSS: 0% • CPEs: 47 • EXPL: 0

Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html http://securitytracker.com/id?1020840 http://www.securityfocus.com/bid/31090 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor