EUVD-2004-1395

Malware in sbrugna...

CVE-2006-4866

Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument...

Apple Mac OS X 10.x KExtLoad Buffer Overflow Weakness

No description provided by source. source: http://www.securityfocus.com/bid/20034/info Apple Mac OS X kextload is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied data before copying it to a finite-sized memory buffer. This issue is not...

Apple Mac OS X 10.x KExtLoad Format String Weakness

No description provided by source. source: http://www.securityfocus.com/bid/20031/info Apple Mac OS X 'kextload' is prone to a format-string vulnerability because it fails to sufficiently sanitize user-supplied input data. This issue is not exploitable by itself, because kextload is not installed...

CVE-2006-4866

CVE-2006-4866: Buffer overflow in Apple OS X kextload (used by TDIXSupport in Roxio Toast Titanium) can allow a local user to execute arbitrary code via a long extension argument. Exploitation is local with low complexity and no authentication; CVSS notes partial impact to confidentiality, integr...

CVE-2006-4866

Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument...

Apple Mac OSX 10.x - KExtLoad Format String

Apple Mac OSX 10.x - KExtLoad Format String source: https://www.securityfocus.com/bid/20031/info Apple Mac OS X 'kextload' is prone to a format-string vulnerability because it fails to sufficiently sanitize user-supplied input data. This issue is not exploitable by itself, because kextload is not...

Apple Mac OSX 10.x - KExtLoad Format String

source: https://www.securityfocus.com/bid/20031/info Apple Mac OS X 'kextload' is prone to a format-string vulnerability because it fails to sufficiently sanitize user-supplied input data. This issue is not exploitable by itself, because kextload is not installed as a setuid-superuser application...

CVE-2004-1398

CVE-2004-1398 describes a format string vulnerability in prelink.c within kextload on Apple OS X, used by TDIXSupport in Roxio Toast Titanium and possibly other products. The underlying issue arises from format string specifiers in the extension argument, enabling local users to execute arbitrary...

CVE-2004-1398

Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument...

Possible local root vulnerability in Roxio Toast on Mac OS X

Possible local root vulnerability in Roxio Toast on Mac OS X By fintler [email protected] Summary: There is a format string bug in the binary /Library/Application Support/Roxio/TDIXSupport. It is installed suid root by default and may be exploited by finding the offset and overwriting the stack...

Roxio Toast format string bug

TDIXSupport suid application format string bug...