|
261521
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private dir…
|
CWE-16
Configuration
|
CVE-2007-4687
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261522
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.
|
CWE-200
Information Exposure
|
CVE-2007-4688
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261523
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via craft…
|
CWE-399
Resource Management Errors
|
CVE-2007-4689
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261524
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
|
CWE-399
Resource Management Errors
|
CVE-2007-4690
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261525
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4691
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261526
|
- |
|
apple
|
safari
|
The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly…
|
CWE-287
Improper Authentication
|
CVE-2007-4692
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261527
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to…
|
CWE-287
Improper Authentication
|
CVE-2007-4693
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261528
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4694
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261529
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads.
|
CWE-20
Improper Input Validation
|
CVE-2007-4695
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261530
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vector…
|
NVD-CWE-noinfo
|
CVE-2007-4697
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
