CVSS: 6.4EPSS: 5%CPEs: 32EXPL: 0CVE-2006-0387
https://notcve.org/view.php?id=CVE-2006-0387
Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://securitytracker.com/id?1015713 http://www.kb.cert.org/vuls/id/176732 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25032 •
CVSS: 5.0EPSS: 8%CPEs: 32EXPL: 0CVE-2006-0383
https://notcve.org/view.php?id=CVE-2006-0383
IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". IPSec, cuando se usa con redes VPN en Max OS X 10.4 a 10.4.5 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante vectores no especificados implicando "manejo incorrecto de condiciones de error". • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://www.osvdb.org/23643 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25025 •
CVSS: 7.5EPSS: 2%CPEs: 32EXPL: 0CVE-2006-0384
https://notcve.org/view.php?id=CVE-2006-0384
automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". • http://docs.info.apple.com/article.html?artnum=303382 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html http://secunia.com/advisories/19064 http://securitytracker.com/id?1015709 http://www.osvdb.org/23640 http://www.securityfocus.com/bid/16907 http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://www.vupen.com/english/advisories/2006/0791 https://exchange.xforce.ibmcloud.com/vulnerabilities/25021 •
CVSS: 5.1EPSS: 97%CPEs: 2EXPL: 5CVE-2006-0848 – Safari Archive Metadata Command Execution
https://notcve.org/view.php?id=CVE-2006-0848
The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. • https://www.exploit-db.com/exploits/16866 http://docs.info.apple.com/article.html?artnum=303382 http://secunia.com/advisories/18963 http://securitytracker.com/id?1015652 http://www.frsirt.com/exploits/20060222.safari_safefiles_exec.pm.php http://www.heise.de/english/newsticker/news/69862 http://www.kb.cert.org/vuls/id/999708 http://www.mathematik.uni-ulm.de/numerik/staff/lehn/macosx.html http://www.osvdb.org/23510 http://www.securityfocus.com/bid/16736 http:// • CWE-16: Configuration •
CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 1CVE-2005-3782
https://notcve.org/view.php?id=CVE-2005-3782
Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username. • http://www.osvdb.org/20776 •