48 matches found
Kernel Security Bypass Vulnerability in Multiple Apple Products (CNVD-2018-00179)
Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. macOS High Sierra is a specialized operating system developed for Mac computers. tvOS is a smart TV operating system. watchOS is a smart watch operating system...
UBUNTU-CVE-2017-5089
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name...
Apple macOS Sierra Foundation Component Memory Corruption Vulnerability
Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.Foundation is one of the components that defines the Objective-C class base layer. A memory corruption vulnerability exists in the Foundation component in Apple macOS Sierra versions prior to 10.12.6. A remo...
Multiple Apple Products libxslt Memory Corruption Denial of Service Vulnerability (CNVD-2016-05749)
Apple iOS is an operating system for mobile devices; OS X is a specialized operating system for Mac computers; tvOS is an operating system for smart TVs; and watchOS is an operating system for smart watches. libxslt is an XSLTC library developed for the GNOME project. A security vulnerability in...
Apple OS X ASN.1 Parser Memory Corruption Vulnerability (CNVD-2015-08144)
Apple OS X is an operating system developed by Apple Inc. A security vulnerability in the handling of special certificates by the Apple OS X ASN.1 resolver allows attackers to conduct denial of service attacks or execute arbitrary code by submitting a certificate request...
Apple iOS BOM Catalog Traversal Vulnerability
OS X formerly Mac OS X is the latest version of Apple's proprietary operating system for the Macintosh computer. iOS is an operating system developed by Apple for mobile devices. A directory traversal security vulnerability exists in the BOM in Apple iOS versions prior to 9.1, Apple OS X versions...
UBUNTU-CVE-2015-5132
Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a differen...
Apple Mac OS X 'entity' Parameter Cross-Site Scripting Vulnerability
Apple Mac OS X is a commercial operating system. A cross-site scripting vulnerability exists in the Apple Mac OS X 'entity' parameter. Because the program fails to properly filter user-supplied input, an attacker could exploit the vulnerability to execute arbitrary script code in the browser of a...
Apple Computer Finder DMG Volume Name Memory Corruption - Ver2 (CVE-2007-0197)
Apple Computer Mac OS X is the operating system bundled with Apple Macintosh computers. The graphical user interface shell of Mac OS X, Finder, allows for graphical browsing of the system. The Finder is also responsible for user-management of files, disks, network volumes and the launching of oth...
Apple Mac OS X Safari <= 2.0.3 (417.9.2) (ROWSPAN) DoS PoC
No description provided by source. !-- Apple Mac OS X Safari 2.0.3 Vulnerability ========================================= Author: Yannick von Arx Email: yannickdotvonarxatyanuxdotch Release Date: April 23th, 2006 Vendor: Apple Computer Inc. Tested on: iBook G4 1.2 GHz with Mac OS X 10.4.5 Build...
Apple Computer Finder DMG Volume Name Memory Corruption (CVE-2007-0197)
Apple Computer Mac OS X is the operating system bundled with Apple Macintosh computers. The graphical user interface shell of Mac OS X, Finder, allows for graphical browsing of the system. The Finder is also responsible for user-management of files, disks, network volumes and the launching of oth...
NSD vulnerable to one-byte overflow
Overview A vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow. Description Name server daemon NSD is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when...
Core Image Fun House <= 2.0 Arbitrary Code Execution PoC (OSX)
No description provided by source. !/usr/bin/ruby Copyright c Netragard, LLC. [email protected] /Developer/Applications/Graphics Tools/Core Image Fun House.app /Contents/MacOS/Core Image Fun House gdb x/10s 0xbfffddf7 0xbfffddf7: 'Z' repeats 101 times, "DCBA center" 2007-07-10 21:15:34.573 Cor...
Apple Safari WebKit fails to properly handle a crafted URL
Overview A vulnerability in the way Apple Mac OS X handles specially crafted URLs may allow an attacker to execute script in the context of another site.. Description According to Apple Safari 3.1.1: An issue exists in WebKit's handling of URLs containing a colon character in the host name. Openi...
Shadow Utils useradd utility sets incorrect file permissions
Overview The Shadow Utilities contain a vulnerability that may result in new user mailboxes having arbitrary permissions. Description The Shadow Utilities provide tools to manage user accounts.When a new mailbox is created using the useradd utility, the open function does not receive the expected...
Adobe Flash Player FLV integer overflow
Overview A vulnerability in the Adobe Flash Player could allow a remote attacker to execute arbitrary code on an affected system. Description Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser. An integer...
Apple QuickTime for Java information disclosure vulnerability
Overview Apple QuickTime for Java fails to properly clear memory. As a result, sensitive information may be exposed to unintended parties. Description Apple QuickTime includes the ability to integrate QuickTime into Java applications and applets. This feature is known as QuickTime for Java. Apple...
Samba NDR MS-RPC heap buffer overflow
Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block SMB/Common Internet File System CIFS. Network Data...
gzip contains a buffer underflow
Overview The gzip program contains a buffer underflow vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition. Description The gzip program is used to compress and decompress archived files.A buffer underflow vulnerability exists in gzip. An...
gzip contains an array out-of-bounds vulnerability in make_table()
Overview The gzip program contains a stack modification vulnerability that may allow an attacker to execute arbitrary code, or create a denial-of-service condition.. Description The gzip program is used to compress and decompress archived files.A stack modification vulnerability exists in gzip. A...