8517 matches found
CVE-2007-0644
Format string vulnerability in Apple Safari 2.0.4 419.3 allows remote user-assisted attackers to cause a denial of service crash via format string specifiers in filenames that are not properly handled when calling the 1 NSLog and 2 NSBeginAlertSheet Apple AppKit functions...
CVE-2007-0647
CVE-2007-0647 describes a format string vulnerability in Help Viewer 3.0.0 that allows remote user‑assisted attackers to cause a denial of service (crash) via malformed format specifiers in a filename, triggered when calling the NSBeginAlertSheet Apple AppKit function. The vulnerability affects H...
CVE-2007-0645
Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service crash via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions...
Xine M3U远程格式串漏洞
Xine是一款开放源代码的媒体处理程序。 Xine处理.m3u文件存在格式串问题,远程攻击者可以利用漏洞以应用程序执行任意指令。 构建恶意.m3u文件,会导致VLC播放程序处理时崩溃,导致任意指令执行。 xine xine-ui 0.99.4 xine xine-ui 0 MandrakeSoft Linux Mandrake 2007.0 x8664 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 3.0 x8664 MandrakeSoft Corporate Server 3.0...
CVE-2007-0646
CVE-2007-0646 describes a format string vulnerability in iMovie HD 6.0.3 and Safari on Mac OS X 10.4–10.4.10. The issue arises when handling format specifiers in filenames passed to NSRunCriticalAlertPanel, allowing remote user‑assisted crashes (DoS). Connected Nessus entries reference Mac OS X S...
CVE-2007-0644
CVE-2007-0644 affects Apple Safari 2.0.4 (419.3). The issue is a format string vulnerability where untrusted format specifiers in filenames are mishandled when calling AppKit’s NSLog and NSBeginAlertSheet, leading to remote user‑assisted denial of service (crash). Affected component: Safari 2.0.4...
Ipswitch WS_FTP 2007 SCP处理格式串漏洞
Ipswitch WSFTP是一款FTP服务程序。 Ipswitch WSFTP包含的SCP模块存在格式串问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 打开特殊构建的SCP文件,WSFTP 2007脚本会导致格式串错误。特殊构建文件使用WSFTP脚本命令"SHELL"和执行特殊文件名。文件使用"file://"访问。 Ipswitch WS FTP Server Professional 2007 目前没有解决方案提供,请关注以下链接: http://www.ipswitch.com/products/wsftp/home/index.asp...
MOAB-30-01-2007: Multiple Apple Software Format String Vulnerabilities
Summary As MOAB begins to come to a close we have decided that it is time for a montage of some sort. By definition alone we can bring you nothing short of a closely juxtaposed composite of pure pwnage. Lucky for us Apple's AppKit framework and a few Apple Developers are all we need. Previously w...
CVE-2007-0645
CVE-2007-0645 affects iPhoto 6.0.5 and is a format-string vulnerability in filenames that is triggered during calls to Apple AppKit functions. The vulnerability is described as allowing remote user‑assisted attackers to cause a denial of service (crash). The primary sources (NVD and CVE records) ...
CVE-2007-0647
Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service crash via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function...
Apple multiple applications format string vulnerabilities
Format string vulnerabilities in multiple client applications...
CVE-2007-0465
Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a 1 PKG, 2 DISTZ, or 3 MPKG package filename...
CVE-2007-0465
CVE-2007-0465 describes a format-string vulnerability in Apple’s Installer (Mac OS X 10.4.8, Apple Installer 2.1.5). The flaw arises during parsing of package filenames that can contain format specifiers in (PKG, DISTZ, MPKG) files, enabling a user-assisted remote attacker to execute arbitrary co...
CVE-2007-0465
Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a 1 PKG, 2 DISTZ, or 3 MPKG package filename...
Apple Mac OSX 10.4.x - Safari window.console.log Format String
Apple Mac OSX 10.4.x - Safari window.console.log Format String source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting thes...
Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String
Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting the...
Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String
Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting...
Apple Mac OSX 10.4.x - iPhoto photo: URL Handling Format String
Apple Mac OSX 10.4.x - iPhoto photo: URL Handling Format String source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting the...
Apple Mac OSX 10.4.x - Safari window.console.log Format String
source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...
Apple Mac OSX 10.4.x - Help Viewer '.help' Filename Format String
source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...