|
261021
|
- |
|
apple
|
mac_os_x
|
Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working director…
|
CWE-22
Path Traversal
|
CVE-2007-4683
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261022
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4685
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261023
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private dir…
|
CWE-16
Configuration
|
CVE-2007-4687
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261024
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.
|
CWE-200
Information Exposure
|
CVE-2007-4688
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261025
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via craft…
|
CWE-399
Resource Management Errors
|
CVE-2007-4689
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261026
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.
|
CWE-399
Resource Management Errors
|
CVE-2007-4690
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261027
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4691
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261028
|
- |
|
apple
|
safari
|
The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly…
|
CWE-287
Improper Authentication
|
CVE-2007-4692
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261029
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to…
|
CWE-287
Improper Authentication
|
CVE-2007-4693
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261030
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4694
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
