Lucene search
+L

202 matches found

0day.today
0day.today
added 2007/01/05 12:0 a.m.26 views

Mac OS X 10.4.8 DiskManagement BOM (cron) Privilege Escalation Exploit

Exploit for macOS platform in category local exploits ====================================================================== Mac OS X 10.4.8 DiskManagement BOM cron Privilege Escalation Exploit ====================================================================== !/usr/bin/ruby c 2006 LMH code...

6.8AI score
Exploits0
NVD
NVD
added 2006/08/02 4:4 p.m.25 views

CVE-2006-3497

Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted Zip archive...

5.1CVSS7.3AI score0.03858EPSS
Exploits2References7
CVE
CVE
added 2006/08/02 4:0 p.m.61 views

CVE-2006-3497

CVE-2006-3497 : A memory corruption vulnerability in Mac OS X’s Bom caused by the compression state handling of ZIP archives. A crafted ZIP file could crash the application or allow arbitrary code execution with the user’s privileges. Affected systems include Mac OS X 10.3.9 and 10.4.7. Remediati...

5.1CVSS7.3AI score0.03858EPSS
Exploits2References7Affected Software2
Cvelist
Cvelist
added 2006/08/02 4:0 p.m.35 views

CVE-2006-3497

Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted Zip archive...

7.3AI score0.03858EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2006/07/20 1:41 p.m.6 views

security flaw

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark BOM from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting XSS attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...

4.3CVSS5.7AI score0.0167EPSS
Exploits0References4
NVD
NVD
added 2006/06/02 7:2 p.m.18 views

CVE-2006-2783

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark BOM from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting XSS attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...

4.3CVSS6.9AI score0.0167EPSS
Exploits0References58
Prion
Prion
added 2006/06/02 7:2 p.m.25 views

Cross site scripting

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark BOM from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting XSS attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...

4.3CVSS5.4AI score0.0167EPSS
Exploits0References58Affected Software2
UbuntuCve
UbuntuCve
added 2006/06/02 7:2 p.m.30 views

CVE-2006-2783

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark BOM from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting XSS attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...

4.3CVSS5.9AI score0.0167EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/06/02 7:0 p.m.27 views

CVE-2006-2783

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark BOM from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting XSS attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...

6.9AI score0.0167EPSS
Exploits0References58
CVE
CVE
added 2006/06/02 7:0 p.m.87 views

CVE-2006-2783

Technical details for CVE-2006-2783 are not publicly provided in the supplied documents. Monitor for updates.

4.3CVSS6.9AI score0.0167EPSS
Exploits0References58Affected Software2
Debian CVE
Debian CVE
added 2006/06/02 7:0 p.m.28 views

CVE-2006-2783

Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark BOM from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting XSS attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...

4.3CVSS5.5AI score0.0167EPSS
Exploits0
Mozilla
Mozilla
added 2006/06/01 12:0 a.m.33 views

Web site XSS using BOM on UTF-8 pages — Mozilla

Masatoshi Kimura reports that the Unicode Byte-order-Mark BOM is stripped from UTF-8 pages during the conversion to Unicode before the parser sees the web page. As a result the parser will see and process script tags that web input sanitizers may miss because they appear as "scrBOMipt" or similar...

4.3CVSS1AI score0.0167EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2006/05/12 9:2 p.m.12 views

CVE-2006-1440

BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links...

2.1CVSS6.2AI score0.00368EPSS
Exploits0References8
Prion
Prion
added 2006/05/12 9:2 p.m.14 views

Code injection

BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links...

2.1CVSS6.3AI score0.00368EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2006/05/12 9:0 p.m.65 views

CVE-2006-1440

The CVE-2006-1440 entry affects Apple Mac OS X, specifically versions 10.3.9 and 10.4.6. The vulnerability arises from a BOM-related issue where an archive containing symbolic links can lead attackers to overwrite arbitrary files. The connected documents corroborate the same description, reinforc...

2.1CVSS6.2AI score0.00368EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2006/05/12 9:0 p.m.22 views

CVE-2006-1440

BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links...

6.2AI score0.00368EPSS
Exploits0References8
securityvulns
securityvulns
added 2006/05/12 12:0 a.m.68 views

[SA20077] Mac OS X Security Update Fixes Multiple Vulnerabilities

TITLE: Mac OS X Security Update Fixes Multiple Vulnerabilities SECUNIA ADVISORY ID: SA20077 VERIFY ADVISORY: http://secunia.com/advisories/20077/ CRITICAL: Highly critical IMPACT: Security Bypass, Exposure of sensitive information, DoS, System access WHERE: From remote OPERATING SYSTEM: Apple...

0.1AI score
Exploits0
CVE
CVE
added 2006/04/21 10:0 p.m.56 views

CVE-2006-1985

CVE-2006-1985: Heap-based buffer overflow in BOM BOMArchiveHelper (Mac OS X 10.4.6 and earlier) allows user-assisted arbitrary-code execution via crafted archives with long path names, triggering BOMStackPop. Documented impact and vulnerable component are described; no remediation details are pro...

5.1CVSS7.8AI score0.13907EPSS
Exploits0References13Affected Software1
Prion
Prion
added 2006/03/03 10:2 p.m.24 views

Directory traversal

Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper...

1.7CVSS6.9AI score0.00506EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2006/03/03 10:2 p.m.28 views

CVE-2006-0391

Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper...

1.7CVSS6.7AI score0.00506EPSS
Exploits0References9
Rows per page
Query Builder