NotCVE - vendor:"Apple" product:"Mac Os X Server" version:" <= 10.6.2"

Page 98 of 777 results (0.006 seconds)

CVSS: 6.8EPSS: 2%CPEs: 4EXPL: 0

CVE-2008-0060

https://notcve.org/view.php?id=CVE-2008-0060

Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link. Help Viewer en Apple Mac OS X 10.4.11 y 10.5.2, permite a atacantes remotos ejecutar Applescript de su elección a través de la URL help:topic_list, la cual inyecta HTML o JavaScript dentro de una página de listado de topic, tal y como se ha demostrado usando el enlace help:runscript. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28371 http://www.securitytracker.com/id?1019657 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41295 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-0990

https://notcve.org/view.php?id=CVE-2008-0990

notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have originated from the kernel, which allows local users to cause a denial of service via spoofed death notifications that prevent other applications from receiving notifications. notifyd en Apple Mac OS X 10.4.11 no verifica que las notificaciones death (muerte) del puerto Mach sean originadas desde el kernel, lo que permite a usuarios locales provocar una denegación de servicio a través de notificaciones death falsas que evitan que otras aplicaciones reciban notificaciones. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28345 http://www.securitytracker.com/id?1019663 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41289 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.4EPSS: 2%CPEs: 2EXPL: 0

CVE-2008-0054

https://notcve.org/view.php?id=CVE-2008-0054

Foundation in Apple Mac OS X 10.4.11 might allow context-dependent attackers to execute arbitrary code via a malformed selector name to the NSSelectorFromString API, which causes an "unexpected selector" to be used. Foundation en Apple Mac OS X 10.4.11 podría permitir a atacantes dependientes del contexto ejecutar código de su elección a través de un nombre de selector mal formado a la API NSSelectorFromString, lo que provoca que se utilice "unexpected selector". • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28341 http://www.securitytracker.com/id?1019649 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41355 • CWE-20: Improper Input Validation •

CVSS: 5.8EPSS: 12%CPEs: 2EXPL: 0

CVE-2008-0058

https://notcve.org/view.php?id=CVE-2008-0058

Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that cause messages to be sent to a deallocated object. Condición de carrera en la funcionalidad de gestión de cache NSURLConnection en Foundation de Apple Mac OS X 10.4.11, permite a atacantes remotos ejecutar código de su elección a través de manipulaciones no especificadas que provocan que los mensajes sean enviados a un objeto no asignado. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28359 http://www.securitytracker.com/id?1019650 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41297 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-0994

https://notcve.org/view.php?id=CVE-2008-0994

Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which makes it easier for attackers to decrypt the file via brute force methods. Preview en Apple Mac OS X 10.5.2 utiliza RC4 de 40 bits cuando guarda un archivo PDF encriptado, lo que facilita que atacantes remotos puedan descifrar el archivo a través de métodos de fuerza bruta. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/29420 http://www.securityfocus.com/bid/28304 http://www.securityfocus.com/bid/28386 http://www.securitytracker.com/id?1019665 http://www.us-cert.gov/cas/techalerts/TA08-079A.html http://www.vupen.com/english/advisories/2008/0924/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41276 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

1...96 97 98 99 100