101 matches found
USN-638-1: Yelp vulnerability
Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges...
CVE-2008-1034
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted help:topic URL that triggers a buffer overflow...
Integer overflow
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted help:topic URL that triggers a buffer overflow...
CVE-2008-1034
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted help:topic URL that triggers a buffer overflow...
Apple Mac OS X multiple security vulnerabilities
AFP server directory traversal, Apache updates, AppKit memory corruption, Apple Pixlet Video multiple memory corruptions, Apple Type Services PDF printing fonts memory corruption, SSL information leak, multiple vulnerabilities in Graphics and Image engines on different filetypes and multimedia...
Apple Mac OS X 2008-003更新修复多个安全漏洞
BUGTRAQ ID: 29412 CVECAN ID: CVE-2008-1027,CVE-2008-1028,CVE-2008-1577,CVE-2008-1575,CVE-2008-1580,CVE-2008-1030,CVE-2008-1031,CVE-2008-1032,CVE-2008-1033,CVE-2008-1034,CVE-2008-1035,CVE-2008-1036,CVE-2008-1571,CVE-2008-1572,CVE-2008-1573,CVE-2008-1574,CVE-2008-1576,CVE-2008-1578,CVE-2008-1579 Ma...
Apple Help Viewer vulnerable to buffer overflow
Overview A vulnerability in the way Apple Help Viewer handles specially crafted URLs may allow an attacker to execute arbitrary code or cause a denial of service. Description According to Apple Security Update 2008-003: An integer underflow in Help Viewer's handling of help:topic URLs may result ...
Hardcoded credentials
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topiclist URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link...
CVE-2008-0060
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topiclist URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link...
CVE-2007-0647
Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service crash via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function...
Format string
Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service crash via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function...
MOAB-30-01-2007: Multiple Apple Software Format String Vulnerabilities
Summary As MOAB begins to come to a close we have decided that it is time for a montage of some sort. By definition alone we can bring you nothing short of a closely juxtaposed composite of pure pwnage. Lucky for us Apple's AppKit framework and a few Apple Developers are all we need. Previously w...
CVE-2007-0647
CVE-2007-0647 describes a format string vulnerability in Help Viewer 3.0.0 that allows remote user‑assisted attackers to cause a denial of service (crash) via malformed format specifiers in a filename, triggered when calling the NSBeginAlertSheet Apple AppKit function. The vulnerability affects H...
CVE-2007-0647
Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service crash via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function...
Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String
Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting the...
Apple Mac OSX 10.4.x - Help Viewer '.help' Filename Format String
source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...
Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String
Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting...
Apple Mac OSX 10.4.x - iPhoto 'photo://' URL Handling Format String
source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...
Apple Mac OSX 10.4.x - Safari window.console.log Format String
Apple Mac OSX 10.4.x - Safari window.console.log Format String source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting thes...
Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String
source: https://www.securityfocus.com/bid/22326/info Multiple products for Mac OS X are prone to multiple remote format-string vulnerabilities. The affected applications include Help Viewer, Safari, iPhoto, and iMovie. Exploiting these issues can allow attacker-supplied data to be written to...