|
261101
|
- |
|
apple
|
mac_os_x
|
Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive…
|
CWE-362
Race Condition
|
CVE-2007-5847
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261102
|
- |
|
easy_software_products
|
cups
|
Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that t…
|
CWE-189
Numeric Errors
|
CVE-2007-5849
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261103
|
- |
|
apple
|
mac_os_x
|
Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5850
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261104
|
- |
|
apple
|
mac_os_x
|
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5851
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261105
|
- |
|
apple
|
mac_os_x
|
Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with …
|
NVD-CWE-noinfo
|
CVE-2007-5853
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261106
|
- |
|
apple
|
mac_os_x
|
Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, which allows attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information …
|
CWE-79
Cross-site Scripting
|
CVE-2007-5854
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261107
|
- |
|
apple
|
mac_os_x
|
Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available,…
|
CWE-287
Improper Authentication
|
CVE-2007-5855
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261108
|
- |
|
apple
|
mac_os_x
|
Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.
|
CWE-16
CWE-264
Configuration
Permissions, Privileges, and Access Controls
|
CVE-2007-5856
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261109
|
- |
|
apple
|
mac_os_x
|
Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive info…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5857
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261110
|
- |
|
apple
|
safari
|
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that…
|
CWE-399
Resource Management Errors
|
CVE-2007-5859
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
