EUVD-2008-0069

Malware in sbrugna...

CleanMyMac X truncateFileAtPath Privilege Escalation Vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs...

Design/Logic Flaw

Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges...

CVE-2008-0056

Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager...

Stack overflow

Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager...

CVE-2008-0055

Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify copied files to cause a denial of service and possibly gain privileges...

CVE-2008-0056

Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager...

CVE-2008-0055

CVE-2008-0055 affects Apple Mac OS X 10.4.11. The vulnerability occurs when NSFileManager copies files recursively: it creates world-writable directories and then narrows permissions later, enabling local users to modify copied files and potentially cause a denial of service and privilege escalat...

CVE-2008-0056

Apple Mac OS X 10.4.11 is affected by a stack-based buffer overflow in Foundation’s NSFileManager triggered by an unusually long pathname. The issue allows context-dependent attackers to execute arbitrary code. The vulnerability stems from a overflow in NSFileManager when handling a path with an ...

Integer overflow

Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within 1 CFStringGetFileSystemRepresentation or 2...

CVE-2006-1443

Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within 1 CFStringGetFileSystemRepresentation or 2...