EUVD-2009-2793

Malware in sbrugna...

EUVD-2009-0033

Malware in sbrugna...

macOS iMessage - Heap Overflow when Deserializing

macOS iMessage - Heap Overflow when Deserializing There is a heap overflow in NSURL initWithCoder: that can be reached via iMessage and likely other paths. When an NSURL is deserialized, one property its plist can contain is NS.minimalBookmarkData, which is then used as a parameter for NSURL...

macOS iMessage - Heap Overflow when Deserializing Exploit

macOS iMessage - Heap Overflow when Deserializing Exploit There is a heap overflow in NSURL initWithCoder: that can be reached via iMessage and likely other paths. When an NSURL is deserialized, one property its plist can contain is NS.minimalBookmarkData, which is then used as a parameter for...

macOS iMessage - Heap Overflow when Deserializing

There is a heap overflow in NSURL initWithCoder: that can be reached via iMessage and likely other paths. When an NSURL is deserialized, one property its plist can contain is NS.minimalBookmarkData, which is then used as a parameter for NSURL...

Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)

This host is missing an important security update according to Mac OS X 10.6.6 Update/Mac OS X Security Update 2011-001. OpenVAS Vulnerability Test $Id: secpodmacosxsu11-001.nasl 7015 2017-08-28 11:51:24Z teissa $ Mac OS X v10.6.6 Multiple Vulnerabilities 2011-001 Authors: Antu Sanadi Copyright:...

CVE-2011-0178

The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory...

CVE-2011-0178

CVE-2011-0178 concerns the CarbonCore FSFindFolder API on Mac OS X prior to 10.6.7. When called with the kTemporaryFolderType flag, FSFindFolder returns a world-readable directory, enabling a local attacker to access potentially sensitive information via this directory. The core issue is an infor...

Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.7. Mac OS X 10.6.7 contains security fixes for the following products : - AirPort - Apache - AppleScript - ATS - bzip2 - CarbonCore - ClamAV - CoreText - File Quarantine - HFS - ImageIO - Image RAW - Installer - Kerbero...

Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities

Binary data 800796.prm...

Mac OS X Security Update 2008-005

The remote host is missing Security Update 2008-005. One or more of the following components are affected: Open Scripting Architecture BIND CarbonCore CoreGraphics Data Detectors Engine Disk Utility OpenLDAP OpenSSL PHP QuickLook rsync OpenVAS Vulnerability Test Mac OS X Security Update 2008-005...

Mac OS X Security Update 2008-005

The remote host is missing Security Update 2008-005. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Mac OS X Security Update 2009-005

The remote host is missing Security Update 2009-005. One or more of the following components are affected: Alias Manager CarbonCore ClamAV ColorSync CoreGraphics CUPS Flash Player plug-in ImageIO Launch Services MySQL PHP SMB Wiki Server OpenVAS Vulnerability Test Mac OS X Security Update 2009-00...

Mac OS X Security Update 2009-001

The remote host is missing Security Update 2009-001. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Memory corruption

CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a file with a crafted resource fork...

Mac OS X Multiple Vulnerabilities (Security Update 2009-005)

The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-005 applied. This security update contains fixes for the following products : - Alias Manager - CarbonCore - ClamAV - ColorSync - CoreGraphics - CUPS - Flash Player plug-in - ImageIO - Launch...

CVE-2009-0020

Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service application termination and execute arbitrary code via a crafted resource fork that triggers memory corruption...

Memory corruption

Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service application termination and execute arbitrary code via a crafted resource fork that triggers memory corruption...

CVE-2009-0020

Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service application termination and execute arbitrary code via a crafted resource fork that triggers memory corruption...

CVE-2009-0020

CVE-2009-0020 affects Apple Mac OS X 10.4.11 and 10.5.6 via the CarbonCore component. A crafted resource fork triggers memory corruption, enabling remote code execution or application termination. Remediation: apply Apple Security Update 2009-001 (as referenced by OpenVAS/NVD records). Exploitati...