Page 92 of 779 results (0.013 seconds)

CVSS: 4.3EPSS: 2%CPEs: 37EXPL: 0

Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read. Apple QuickTime anterior a 7.5.5 , permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación), a través de una imagen PICT manipulada que induce una lectura fuera de rango. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00000.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00000.html http://secunia.com/advisories/31821 http://secunia.com/advisories/32121 http://securitytracker.com/id?1020841 http://support.apple.com/kb/HT3027 http://support.apple.com/kb/HT3189 http://www.securityfocus.com/bid/31086 http://www.securityfocus.com/bid/31548 http://www.vupen.com/english/advisories/2008/2527 http://www.vupen • CWE-399: Resource Management Errors •

CVSS: 2.6EPSS: 0%CPEs: 47EXPL: 0

Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information. Aplicación Itunes anterior a la v8 sobre Mac OS X 10.4.11, cuando iTunes Sharing se encuentra habilitado pero bloqueado por el cortafuegos del sistema, muestra información falsa (engañosa) sobre la seguridad del cortafuegos. Esto podría ser aprovechado por atacantes remotos. El administrador no obviaría esta cuestión si se le diera mejor información al respecto. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html http://securitytracker.com/id?1020840 http://www.securityfocus.com/bid/31090 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 1%CPEs: 5EXPL: 0

QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office file, related to insufficient "bounds checking." QuickLook en Apple Mac OS X 10.4.11 y 10.5.4, permite a atacantes remotos ejecutar código arbitrariamente o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un archivo de Microsoft Office, relacionado con la "comprobación de límite" insuficiente. • http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://secunia.com/advisories/31326 http://www.securityfocus.com/bid/30483 http://www.securityfocus.com/bid/30493 http://www.securitytracker.com/id?1020607 http://www.vupen.com/english/advisories/2008/2268 https://exchange.xforce.ibmcloud.com/vulnerabilities/44135 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 12%CPEs: 5EXPL: 1

Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of arguments." Vulnerabilidad no especificada en CoreGraphics de Apple Mac OS X 10.4.11 and 10.5.4, permite a atacantes ejecutar código arbitrariamente o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de vectores desconocidos que implican el "procesado de argumentos" • https://www.exploit-db.com/exploits/32136 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://secunia.com/advisories/31326 http://secunia.com/advisories/32756 http://secunia.com/advisories/35379 http://support.apple.com/kb/HT3318 http://support.apple.com/kb/HT3613 http://www.securityfocus.com/bid/30483 • CWE-399: Resource Management Errors •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs. La herramienta Repair Permissions de Disk Utility en Apple Mac OS X 10.4.11, añade el bit setuid al archivo ejecutable emacs, lo cual permite a los usuarios locales obtener privilegios ejecutando comandos sin emacs. • http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://secunia.com/advisories/31326 http://www.securityfocus.com/bid/30483 http://www.securityfocus.com/bid/30492 http://www.securitytracker.com/id?1020605 http://www.vupen.com/english/advisories/2008/2268 https://exchange.xforce.ibmcloud.com/vulnerabilities/44132 • CWE-264: Permissions, Privileges, and Access Controls •