CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2011-0178
https://notcve.org/view.php?id=CVE-2011-0178
23 Mar 2011 — The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory. La API FSFindFolder en CarbonCore en Apple Mac OS X antes de v10.6.7 ofrece un directorio de lectura global en respuesta a una llamada con el indicador kTemporaryFolderType, permite a usuarios locales obtener información sensible mediante el acceso a es... • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 0CVE-2008-2320
https://notcve.org/view.php?id=CVE-2008-2320
04 Aug 2008 — Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long filename to the file management API. Un desbordamiento de búfer en la región stack de la memoria en CarbonCore en Mac OS X versiones 10.4.11 y 10.5.4, iPhone OS versiones 1.0 hasta 2.2.1, y iPhone OS para iPod touch versiones 1.1 hasta... • http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •