Page 96 of 777 results (0.006 seconds)

CVSS: 7.1EPSS: 1%CPEs: 8EXPL: 0

The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read. El motor de decodificación de imágenes BMP y GIF en ImageIO en Apple Mac OS X versiones anteriores a 10.5.3, permite a los atacantes remotos obtener información confidencial (contenido de memoria) por medio de una imagen (1) BMP o (2) GIF diseñada, lo que causa una lectura fuera de límites. • http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://secunia.com/advisories/30775 http://securitytracker.com/id?1020144 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29513 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/adviso • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 3%CPEs: 8EXPL: 0

Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that triggers a heap-based buffer overflow. Un desbordamiento de enteros en ImageIO en Apple Mac OS X versiones anteriores a 10.5.3, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de una imagen JPEG2000 diseñada que desencadena un desbordamiento de búfer en la región heap de la memoria. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020144 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29514 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42722 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 6EXPL: 0

Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing. Una vulnerabilidad no especificada en el servidor Apple Type Services (ATS) en Apple Mac OS X versiones 10.5 anteriores a 10.5.3, permite a los atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de una fuente diseñada incorporada en un documento PDF, relacionado con una corrupción de memoria que ocurre durante la impresión. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020133 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29492 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42707 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0

Unspecified vulnerability in the Pixlet codec in Apple Pixlet Video in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file, related to "multiple memory corruption issues." Una vulnerabilidad no especificada en el códec Pixlet en Apple Pixlet Video en Apple Mac OS X versiones anteriores a 10.5.3, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de un archivo de película especialmente diseñado, relacionado con "multiple memory corruption issues." • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020132 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29489 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42706 •

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information (user names) by reading the error message produced upon access to a nonexistent blog. Wiki Server en Apple Mac OS X versiones 10.5 anteriores a 10.5.3, permite a los atacantes remotos obtener información confidencial (nombres de usuario) mediante la lectura del mensaje de error producido al acceder a un blog inexistente. • http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://securitytracker.com/id?1020143 http://www.securityfocus.com/bid/29412 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 https://exchange.xforce.ibmcloud.com/vulnerabilities/42727 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •