CVE-2007-0914

Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service system panic via unknown vectors...

Apple Airport Extreme fails to properly process 802.11 frames

Overview A vulnerability exists in the Apple AirPort Extreme wireless driver that may allow an attacker to crash a vulnerable system. Description The Apple AirPort Extreme adapter is an 802.11g compatible wireless adapter used in Apple OS X laptops and desktops. A flaw exists in the way AirPort...

Sun Solaris畸形ICMP报文远程拒绝服务漏洞

Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris 10 ICMP报文处理过程实现上存在安全漏洞，远程非特权用户可能利用此漏洞导致拒绝服务（DoS）。 如果触发了上述漏洞，系统可能变得忙碌，栈追踪类似于： ip:illrefrele+0x80x0, 0x0, 0x0, 0x1010 ip:ipoutput+0x149c0x0?, 0x6000864f2c0?, 0x60001bcede0?, , 0x2 ip:ipwput0x60001bcede0, 0x600053ac140 - frame recycled...

Heap overflow

Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit Transmit.app up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL...

CVE-2007-0020

Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit Transmit.app up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL...

CVE-2007-0020

CVE-2007-0020 affects Panic Transmit (Transmit.app) via the SFTP protocol handler. The flaw is a heap-based buffer overflow that can be triggered by a long ftps:// URL, impacting Transmit.app up to version 3.5.5. This allows remote attackers to attempt arbitrary code execution. The connected docu...

CVE-2007-0020

Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit Transmit.app up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL...

EUVD-2007-0024

Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit Transmit.app up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL...

Design/Logic Flaw

The dohfstruncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service kernel panic via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal...

CVE-2007-0318

The CVE-2007-0318 entry affects Mac OS X 10.4.8 and arises from the do_hfs_truncate function. A crafted HFS+ filesystem in a DMG image can trigger an access of an invalid vnode structure during file removal, leading to a kernel panic (DoS). No explicit remediation is provided in the supplied docu...

Integer overflow

Integer overflow in the byteswapsbin function in bsd/ufs/ufs/ufsbyteorder.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service kernel panic by mounting a crafted Unix File System UFS DMG image, which triggers an invalid pointer dereference...

CVE-2007-0299

Integer overflow in the byteswapsbin function in bsd/ufs/ufs/ufsbyteorder.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service kernel panic by mounting a crafted Unix File System UFS DMG image, which triggers an invalid pointer dereference...

CVE-2007-0299

The CVE-2007-0299 vulnerability affects Apple Mac OS X 10.4.8 where the integer overflow in the byte_swap_sbin() function of the UFS DMG handling (ufs_byte_order.c) can be triggered by mounting a crafted DMG image. This may cause an invalid pointer dereference leading to a denial-of-service (kern...

Cross site scripting

The ufslookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service kernel panic and possibly corrupt other filesystems by mounting a crafted UNIX File System UFS DMG image that contains a corrupted directory entry struct direct, related to the...

CVE-2007-0267

The CVE-2007-0267 issue affects Mac OS X 10.4.8 and FreeBSD 6.1 kernels, where the ufs_lookup function can be triggered to cause a denial of service (kernel panic) and potentially corrupt other filesystems by mounting a crafted UFS DMG image containing a corrupted directory entry (struct direct) ...

CVE-2007-0236

Double free vulnerability in the ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service kernel panic and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow...

Double free

Double free vulnerability in the ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service kernel panic and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow...

CVE-2007-0236

Double free vulnerability in the ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service kernel panic and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow...

MOAB-13-01-2007: Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability

Summary A specially crafted HFS+ filesystem in a DMG image can cause the dohfstruncate function to panic the kernel denial of service, when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+...

MOAB-12-01-2007: Apple DMG UFS ufs_lookup() Denial of Service Vulnerability

Summary A specially crafted UFS filesystem in a DMG image can cause the ufslookup function to call ufsdirbad when a corrupted directory entry is being read, leading to a kernel panic denial of service. This issue can't lead to arbitrary code execution. Affected versions This issue has been verifi...