Search criteria
8 vulnerabilities found for installer by apple
VAR-200701-0398
Vulnerability from variot - Updated: 2024-07-23 20:45Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename. Apple Installer is the application responsible for installing Mac OS X software packages.
Secunia is proud to announce the availability of the Secunia Software Inspector.
The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.
Try it out online: http://secunia.com/software_inspector/
TITLE: Ubuntu update for krb5
SECUNIA ADVISORY ID: SA23772
VERIFY ADVISORY: http://secunia.com/advisories/23772/
CRITICAL: Highly critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Ubuntu Linux 6.10 http://secunia.com/product/12470/ Ubuntu Linux 6.06 http://secunia.com/product/10611/
DESCRIPTION: Ubuntu has issued an update for krb5. This fixes a vulnerability, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
For more information: SA23696
SOLUTION: Apply updated packages.
Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.diff.gz Size/MD5: 1447550 546659a7ce8758c26c33d0241adb992d http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.dsc Size/MD5: 848 ed669b2e38c5b3b6701401b99bbdb3cb http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.2_all.deb Size/MD5: 852734 748a61c88e96abcc2fd922acdafbd56c
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 79686 a56316c071cbdae9f33b10166e204340 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 222738 173b8846edc4d84b0880b293ebd819f8 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 59876 11c96393564f5422e884cda60671688d http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 134570 c2fa98268d5c486988eae91040441720 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 84774 7dc407371c107d79c69ffe054f702ba7 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 67044 4a01011a78cf0c299df6b36384c0950b http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 129430 2acabc3bcb9323fa28a69e306694a1ec http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 190294 a4044fce177ca61f9b24ff9515443e5f http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 768212 bba4e4f35f90a58177f14d35d9fccf1e http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_amd64.deb Size/MD5: 425220 e16e7b2709af4fb8a88a0819cdfc1a40
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 71660 d38e87ecea34868e1dac394b9047c382 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 186752 12424ad58c808a4867f0db0d014a34ec http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 53844 3aa5f6a9ae2cb49659a0577ea972d0af http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 121068 9a1fcd42b91849f0a4ce3c1614c3dbb9 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 75438 9b264a66dff08d0206370a43058687d1 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 58204 6e89a58b9d435c6e1422537a18da2dc1 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 118528 82f62332c5bae9177ce1f356b824279e http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 165130 0968da19d0bdac05e716825ba045f5e5 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 646560 89ccbd05cda4887245d7d5c5cd77d383 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_i386.deb Size/MD5: 380650 8a8e6bebd4955809ef62a27cc7eb8918
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 79712 119d48198050bd5e24c711c895770bf0 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 220080 3025e485a43fd6a67c6d7716f1efad63 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 59084 97104b0dcfc3a4dacd5c1334766c488b http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 135552 b1c5a4334633412e8c64d808b4a30280 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 84632 b7a70d1cb0513523911248231bbcca82 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 65420 9300e4d62e4dedad6ac85647fe157ee2 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 134396 f07964b5364af26ac18bc4c37ff71e3f http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 177082 8488709500858a66f07183a193a249e7 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 751382 96e57442a0caa1e574f0581327fc9e1a http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_powerpc.deb Size/MD5: 395444 b672282f98601ebe9340f251d7e2dd46
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 72292 ed56430a6017fe52fd34e8724ff5892d http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 196928 2dff67f37591eede7be792c836028920 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 55818 1de2f224962fd6e7f9a5a642995a2fb6 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 123914 871a22e98608033db8dbc3e85d18e430 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 76454 c8f134cee518c209e4f068d59e7bc90e http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 61752 e15353f761ff1b052ff790c3b22d9f03 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 120102 a72b86d5911ebf7d90454e20a5d3d6a7 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 164630 2ba7eb220cee2ef90c433520dc22bd1d http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 677878 53436fc167794aa6c7e4538156b279e4 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_sparc.deb Size/MD5: 368236 8cfe1fb1b04f054211103b96bd85d4d0
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.diff.gz Size/MD5: 1468259 a89554ee72ae46193497b5fdb86359e5 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.dsc Size/MD5: 883 92b415a7e46614bc10a6fad2971a13a4 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz Size/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.1_all.deb Size/MD5: 853430 3958e9a508ef75081c289378ee06cb5d
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 81062 5e7b14c23de60189762b3776991256a3 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 223934 6cbf0f868012e01518617369f4c09d78 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 61134 c2420e53a8369ef1fb7150d8a486dd3c http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 138648 38ffe1ee542695b7e7110f752b02a735 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 86946 da6f24f2da9e84b2e13c0a296c8bdfcb http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 67556 711861722d5ef9e31d6d641076574df6 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 130170 53bf2f36db32694986426840efce7a63 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 190180 27a2f0cf1711ddf7498b20073363c5f6 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 1072552 d9f4df032a6d0b24d4b948cdc2a17ec3 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 771828 8a490a2198a58ccea514e43ab68bce88 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_amd64.deb Size/MD5: 427562 f60e228b07f072ee64e66d16b01c80c9
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 74768 07466ce7134858695cd2608f7d916bc9 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 195996 77d746677df270dc89773c13f4231e98 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 56642 33f6895466f028e4f7e60fe6d0102d7b http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 128984 d57c3ae641ffc63cde21557c3db9355c http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 79602 6be865799bcf85edb35c541df35b9245 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 61366 e9c4b39d8228118d03d5df02123e437d http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 121716 588addedfb49a64c09a8517740d039d9 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 172370 b6674bf633bf623d54d53d8ee57120e5 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 1024338 53cef35e866ba9bfa14ebb7727b10c9d http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 672520 7c1313e3eb84a448479af34eda9a0233 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_i386.deb Size/MD5: 403646 b30ac3ba3dc11650ef9a74b5b1d9368a
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 81626 eb56ed7461f47af49023f2027d71a249 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 222676 f847921d673ba513a11b2e4da26c6589 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 61324 94d69c98e2439ead3b38757fb6503917 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 140824 a3a2c75ca459aadf29db4af247832cac http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 86812 8747cbb5e22b1611d0f35d413a29dfb8 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 66622 e03d52dd334c788d3fb7583660ac25af http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 136342 0048a761afaabaffb847273c88cb7758 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 179554 59ca8bdf4afa0ea09432aaa2e53facf7 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 1076132 98f942e3252e3f377cd24c03dfae7120 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 757874 00cde304e78bdd85ca75454ae31f9056 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_powerpc.deb Size/MD5: 398636 15cd61e388f2e658709577c6c17ed9f4
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 74648 a9d42678fb3d7d508c087ae7eb075eec http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 203198 2aeac236c8864c757a55870190918302 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 58498 22079ad35df8ceea0857319eb533ee35 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 129158 a5b36aeb90baba94d569f41d21f16548 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 79926 d889cf2987c8c48a6aef9b566ad14238 http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 63040 6e9f3b3ad95536ee494d73e8ee3d252a http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 122238 bd59626426b7690742520d2151b58a3c http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 166480 fd69c12e642a168d39ce209c1647d433 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 957280 de94391f1d289fbe3c7639f8ca8cf303 http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 684606 511b01e003f876bde73badddeda105ab http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_sparc.deb Size/MD5: 373600 66c24f51433ff5ce4670bc91f04a6187
ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-408-1
OTHER REFERENCES: SA23696: http://secunia.com/advisories/23696/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0398",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "installer",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "2.1.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.9"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
},
{
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:installer:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LMH lmh@info-pull.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0465",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-0465",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "VHN-23827",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-0465",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-551",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-23827",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23827"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
},
{
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename. Apple Installer is the application responsible for installing Mac OS X software packages. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. \n\nTry it out online:\nhttp://secunia.com/software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nUbuntu update for krb5\n\nSECUNIA ADVISORY ID:\nSA23772\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/23772/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nUbuntu Linux 6.10\nhttp://secunia.com/product/12470/\nUbuntu Linux 6.06\nhttp://secunia.com/product/10611/\n\nDESCRIPTION:\nUbuntu has issued an update for krb5. This fixes a vulnerability,\nwhich can potentially be exploited by malicious people to cause a DoS\n(Denial of Service) or compromise a vulnerable system. \n\nFor more information:\nSA23696\n\nSOLUTION:\nApply updated packages. \n\nUbuntu 6.06 LTS:\n\nSource archives:\n\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.diff.gz\nSize/MD5: 1447550 546659a7ce8758c26c33d0241adb992d\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.dsc\nSize/MD5: 848 ed669b2e38c5b3b6701401b99bbdb3cb\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz\nSize/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af\n\nArchitecture independent packages:\n\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.2_all.deb\nSize/MD5: 852734 748a61c88e96abcc2fd922acdafbd56c\n\namd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 79686 a56316c071cbdae9f33b10166e204340\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 222738 173b8846edc4d84b0880b293ebd819f8\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 59876 11c96393564f5422e884cda60671688d\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 134570 c2fa98268d5c486988eae91040441720\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 84774 7dc407371c107d79c69ffe054f702ba7\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 67044 4a01011a78cf0c299df6b36384c0950b\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 129430 2acabc3bcb9323fa28a69e306694a1ec\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 190294 a4044fce177ca61f9b24ff9515443e5f\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 768212 bba4e4f35f90a58177f14d35d9fccf1e\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_amd64.deb\nSize/MD5: 425220 e16e7b2709af4fb8a88a0819cdfc1a40\n\ni386 architecture (x86 compatible Intel/AMD)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 71660 d38e87ecea34868e1dac394b9047c382\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 186752 12424ad58c808a4867f0db0d014a34ec\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 53844 3aa5f6a9ae2cb49659a0577ea972d0af\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 121068 9a1fcd42b91849f0a4ce3c1614c3dbb9\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 75438 9b264a66dff08d0206370a43058687d1\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 58204 6e89a58b9d435c6e1422537a18da2dc1\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 118528 82f62332c5bae9177ce1f356b824279e\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 165130 0968da19d0bdac05e716825ba045f5e5\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 646560 89ccbd05cda4887245d7d5c5cd77d383\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_i386.deb\nSize/MD5: 380650 8a8e6bebd4955809ef62a27cc7eb8918\n\npowerpc architecture (Apple Macintosh G3/G4/G5)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 79712 119d48198050bd5e24c711c895770bf0\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 220080 3025e485a43fd6a67c6d7716f1efad63\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 59084 97104b0dcfc3a4dacd5c1334766c488b\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 135552 b1c5a4334633412e8c64d808b4a30280\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 84632 b7a70d1cb0513523911248231bbcca82\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 65420 9300e4d62e4dedad6ac85647fe157ee2\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 134396 f07964b5364af26ac18bc4c37ff71e3f\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 177082 8488709500858a66f07183a193a249e7\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 751382 96e57442a0caa1e574f0581327fc9e1a\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_powerpc.deb\nSize/MD5: 395444 b672282f98601ebe9340f251d7e2dd46\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 72292 ed56430a6017fe52fd34e8724ff5892d\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 196928 2dff67f37591eede7be792c836028920\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 55818 1de2f224962fd6e7f9a5a642995a2fb6\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 123914 871a22e98608033db8dbc3e85d18e430\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 76454 c8f134cee518c209e4f068d59e7bc90e\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 61752 e15353f761ff1b052ff790c3b22d9f03\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 120102 a72b86d5911ebf7d90454e20a5d3d6a7\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 164630 2ba7eb220cee2ef90c433520dc22bd1d\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 677878 53436fc167794aa6c7e4538156b279e4\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_sparc.deb\nSize/MD5: 368236 8cfe1fb1b04f054211103b96bd85d4d0\n\nUpdated packages for Ubuntu 6.10:\n\nSource archives:\n\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.diff.gz\nSize/MD5: 1468259 a89554ee72ae46193497b5fdb86359e5\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.dsc\nSize/MD5: 883 92b415a7e46614bc10a6fad2971a13a4\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz\nSize/MD5: 7279788 43fe621ecb849a83ee014dfb856c54af\n\nArchitecture independent packages:\n\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.1_all.deb\nSize/MD5: 853430 3958e9a508ef75081c289378ee06cb5d\n\namd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 81062 5e7b14c23de60189762b3776991256a3\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 223934 6cbf0f868012e01518617369f4c09d78\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 61134 c2420e53a8369ef1fb7150d8a486dd3c\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 138648 38ffe1ee542695b7e7110f752b02a735\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 86946 da6f24f2da9e84b2e13c0a296c8bdfcb\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 67556 711861722d5ef9e31d6d641076574df6\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 130170 53bf2f36db32694986426840efce7a63\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 190180 27a2f0cf1711ddf7498b20073363c5f6\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 1072552 d9f4df032a6d0b24d4b948cdc2a17ec3\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 771828 8a490a2198a58ccea514e43ab68bce88\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_amd64.deb\nSize/MD5: 427562 f60e228b07f072ee64e66d16b01c80c9\n\ni386 architecture (x86 compatible Intel/AMD)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 74768 07466ce7134858695cd2608f7d916bc9\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 195996 77d746677df270dc89773c13f4231e98\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 56642 33f6895466f028e4f7e60fe6d0102d7b\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 128984 d57c3ae641ffc63cde21557c3db9355c\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 79602 6be865799bcf85edb35c541df35b9245\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 61366 e9c4b39d8228118d03d5df02123e437d\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 121716 588addedfb49a64c09a8517740d039d9\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 172370 b6674bf633bf623d54d53d8ee57120e5\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 1024338 53cef35e866ba9bfa14ebb7727b10c9d\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 672520 7c1313e3eb84a448479af34eda9a0233\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_i386.deb\nSize/MD5: 403646 b30ac3ba3dc11650ef9a74b5b1d9368a\n\npowerpc architecture (Apple Macintosh G3/G4/G5)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 81626 eb56ed7461f47af49023f2027d71a249\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 222676 f847921d673ba513a11b2e4da26c6589\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 61324 94d69c98e2439ead3b38757fb6503917\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 140824 a3a2c75ca459aadf29db4af247832cac\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 86812 8747cbb5e22b1611d0f35d413a29dfb8\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 66622 e03d52dd334c788d3fb7583660ac25af\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 136342 0048a761afaabaffb847273c88cb7758\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 179554 59ca8bdf4afa0ea09432aaa2e53facf7\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 1076132 98f942e3252e3f377cd24c03dfae7120\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 757874 00cde304e78bdd85ca75454ae31f9056\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_powerpc.deb\nSize/MD5: 398636 15cd61e388f2e658709577c6c17ed9f4\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 74648 a9d42678fb3d7d508c087ae7eb075eec\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 203198 2aeac236c8864c757a55870190918302\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 58498 22079ad35df8ceea0857319eb533ee35\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 129158 a5b36aeb90baba94d569f41d21f16548\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 79926 d889cf2987c8c48a6aef9b566ad14238\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 63040 6e9f3b3ad95536ee494d73e8ee3d252a\nhttp://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 122238 bd59626426b7690742520d2151b58a3c\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 166480 fd69c12e642a168d39ce209c1647d433\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 957280 de94391f1d289fbe3c7639f8ca8cf303\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 684606 511b01e003f876bde73badddeda105ab\nhttp://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_sparc.deb\nSize/MD5: 373600 66c24f51433ff5ce4670bc91f04a6187\n\nORIGINAL ADVISORY:\nhttp://www.ubuntu.com/usn/usn-408-1\n\nOTHER REFERENCES:\nSA23696:\nhttp://secunia.com/advisories/23696/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0465"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"db": "VULHUB",
"id": "VHN-23827"
},
{
"db": "PACKETSTORM",
"id": "53708"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23827",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23827"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "USCERT",
"id": "TA07-109A",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2007-0465",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "24966",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1017940",
"trust": 2.5
},
{
"db": "BID",
"id": "22272",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2007-1470",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "32705",
"trust": 1.7
},
{
"db": "XF",
"id": "31883",
"trust": 1.4
},
{
"db": "USCERT",
"id": "SA07-109A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000308",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-551",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA07-109A",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2007-04-19",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-83028",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "29532",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23827",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "23772",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53708",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23827"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"db": "PACKETSTORM",
"id": "53708"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
},
{
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"id": "VAR-200701-0398",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23827"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:45:19.199000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2007-004 v1.1 (Universal)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate2007004v11universal.html"
},
{
"title": "Security Update 2007-004 v1.1 (PPC)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate2007004v11ppc.html"
},
{
"title": "Security Update 2007-004",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=305391-en"
},
{
"title": "Security Update 2007-004",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=305391-ja"
},
{
"title": "Security Update 2007-004 v1.1 (Universal)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate2007004v11universal.html"
},
{
"title": "Security Update 2007-004 v1.1 (PPC)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate2007004v11ppc.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/22272"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-109a.html"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1017940"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/24966"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2007/apr/msg00001.html"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"trust": 1.7,
"url": "http://projects.info-pull.com/moab/moab-26-01-2007.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/32705"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/1470"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/31883"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0465"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta07-109a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta07-109a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0465"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa07-109a.html"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/23772/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-9ubuntu1.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-5ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.4.3-9ubuntu1.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/software_inspector/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3-5ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12470/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-408-1"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-5ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/23696/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-5ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dbg_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1.4.3-9ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1.4.3-9ubuntu1.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-server_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.4.3-9ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10611/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server_1.4.3-5ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.4.3-5ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5_1.4.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.4.3-9ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.4.3-9ubuntu1.1_sparc.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23827"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"db": "PACKETSTORM",
"id": "53708"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
},
{
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23827"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"db": "PACKETSTORM",
"id": "53708"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
},
{
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-31T00:00:00",
"db": "VULHUB",
"id": "VHN-23827"
},
{
"date": "2007-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"date": "2007-01-18T08:44:32",
"db": "PACKETSTORM",
"id": "53708"
},
{
"date": "2007-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-551"
},
{
"date": "2007-01-31T01:28:00",
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-23827"
},
{
"date": "2007-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000308"
},
{
"date": "2007-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-551"
},
{
"date": "2017-07-29T01:30:12.547000",
"db": "NVD",
"id": "CVE-2007-0465"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X Installer format string vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000308"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "format string",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-551"
}
],
"trust": 0.6
}
}
VAR-201103-0289
Vulnerability from variot - Updated: 2023-12-18 11:24Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server. Apple Mac OS X is prone to a vulnerability that affects URI processing in Install Helper. Exploiting this issue can allow attackers to provide unexpected input and possibly bypass input-validation protection mechanisms, leading to the installation of an agent that contacts an arbitrary server. Users may have a false sense of security, believing that the agent contacts Apple, not an arbitrary domain. Mac OS X 10.6 through 10.6.6 and Mac OS X Server 10.6 through 10.6.6 are vulnerable. NOTE: This issue was previously discussed in BID 46950 (Apple Mac OS X Prior to 10.6.7 Multiple Security Vulnerabilities) but has been given its own record to better document it. ----------------------------------------------------------------------
Meet Secunia @ Microsoft Management Summit (MMS) in Las Vegas, USA (21-25 March).
http://secunia.com/company/events/mms_2011/
TITLE: Apple Mac OS X Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43814
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43814/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43814
RELEASE DATE: 2011-03-22
DISCUSS ADVISORY: http://secunia.com/advisories/43814/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43814/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43814
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
1) A divide-by-zero error in AirPort when handling Wi-Fi frames can be exploited to cause a system reset.
2) Multiple vulnerabilities in Apache can be exploited by malicious people to disclose potentially sensitive information and by malicious users and malicious people to cause a DoS (Denial of Service).
For more information: SA40206
3) A format string error within AppleScript Studio when handling certain commands via dialogs can be exploited to potentially execute arbitrary code.
4) An unspecified error in the handling of embedded OpenType fonts in Apple Type Services (ATS) can be exploited to cause a heap-based buffer overflow when a specially crafted document is viewed or downloaded.
5) Multiple unspecified errors in the handling of embedded TrueType fonts in Apple Type Services (ATS) can be exploited to cause a buffer overflow when a specially crafted document is viewed or downloaded.
6) Multiple unspecified errors in the handling of embedded Type 1 fonts in Apple Type Services (ATS) can be exploited to cause a buffer overflow when a specially crafted document is viewed or downloaded.
7) Multiple unspecified errors in the handling of SFNT tables in embedded fonts in Apple Type Services (ATS) can be exploited to cause a buffer overflow when a specially crafted document is viewed or downloaded.
8) An integer overflow error in bzip2 can be exploited to terminate an application using the library or execute arbitrary code via a specially crafted archive.
For more information: SA41452
9) An error within the "FSFindFolder()" API in CarbonCore when used with the "kTemporaryFolderType" flag can be exploited to disclose the contents of arbitrary directories.
10) Multiple errors in ClamAV can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
For more information: SA41503 SA42426
11) An unspecified error in the handling of embedded fonts in CoreText can be exploited to corrupt memory when a specially crafted document is viewed or downloaded.
12) An integer overflow error within the handling of the F_READBOOTSTRAP ioctl in HFS, HFS+, and HFS+J filesystems can be exploited to read arbitrary files.
13) An error in ImageIO within the handling of JPEG files can be exploited to cause a heap-based buffer overflow.
14) An integer overflow error in ImageIO within the handling of XBM files can be exploited to potentially execute arbitrary code.
15) An error in libTIFF within the handling of JPEG encoded TIFF files can be exploited to cause a buffer overflow.
16) An error in libTIFF within the handling of CCITT Group 4 encoded TIFF files can be exploited to cause a buffer overflow.
17) An integer overflow error in ImageIO within the handling of JPEG encoded TIFF files can be exploited to potentially execute arbitrary code.
18) Multiple errors in Image RAW when handling Canon RAW image files can be exploited to cause buffer overflows.
19) An error in the Install Helper when handling URLs can be exploited to install an arbitrary agent by tricking the user into visiting a malicious website.
20) Multiple errors in Kerberos can be exploited by malicious users and malicious people to conduct spoofing attacks and bypass certain security features.
For more information: SA37977 SA42396
21) An error within the "i386_set_ldt()" system call can be exploited by malicious, local users to execute arbitrary code with system privileges.
22) An integer truncation error within Libinfo when handling NFS RPC packets can be exploited to cause NFS RPC services to become unresponsive.
23) An error exists in the libxml library when traversing the XPath.
For more information: SA42175
24) A double free error exists in the libxml library when handling XPath expressions.
For more information: SA42721
25) Two errors in Mailman can be exploited by malicious users to conduct script insertion attacks.
For more information: SA41265
26) Multiple errors in PHP can be exploited by malicious users and malicious people to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
For more information: SA39573 SA41724
27) Multiple errors in PHP can be exploited by malicious users and malicious people to bypass certain security restrictions.
For more information: SA41724
28) An error in the OfficeImport framework when processing records containing formulas shared between multiple cells can be exploited to corrupt memory and potentially execute arbitrary code.
29) An error in QuickLook when handling certain Microsoft Office files can be exploited to corrupt memory when a specially crafted document is downloaded.
30) Multiple unspecified errors in QuickTime when handling JPEG2000, FlashPix, and panorama atoms in QTVR (QuickTime Virtual Reality) movie files can be exploited to corrupt memory via specially crafted files.
31) An integer overflow error in QuickTime when handling certain movie files can be exploited to potentially execute arbitrary code when a specially crafted file is viewed.
32) An error within QuickTime plug-in when handling cross-site redirects can be exploited to disclose video data.
33) An integer truncation error within the Ruby BigDecimal class can be exploited to potentially execute arbitrary code.
This vulnerability only affects 64-bit Ruby processes.
34) A boundary error in Samba can be exploited by malicious people to potentially compromise a vulnerable system.
For more information: SA41354
35) A security issue in Subversion can be exploited by malicious people to bypass certain security restrictions.
For more information: SA41652
36) A weakness in Terminal uses SSH version 1 as the default protocol version when using ssh via the "New Remote Connection" dialog.
37) Some vulnerabilities in FreeType can be exploited to cause a DoS (Denial of Service) or potentially compromise an application using the library.
For more information: SA41738
SOLUTION: Update to version 10.6.7 or apply Security Update 2011-001.
PROVIDED AND/OR DISCOVERED BY: 15, 16, 33) Reported by the vendor.
The vendor credits: 3) Alexander Strange. 5) Christoph Diehl of Mozilla, Felix Grobert of the Google Security Team, Marc Schoenefeld of Red Hat Security Response Team, and Tavis Ormandy and Will Drewry of Google Security Team. 6) Felix Grobert, Google Security Team and geekable via ZDI. 7) Marc Schoenefeld, Red Hat Security Response Team. 11) Christoph Diehl, Mozilla. 12) Dan Rosenberg, Virtual Security Research. 13) Andrzej Dyjak via iDefense. 14) Harry Sintonen. 17) Dominic Chell, NGS Secure. 18) Paul Harrington, NGS Secure. 19) Aaron Sigel, vtty.com. 21) Jeff Mears. 22) Peter Schwenk, University of Delaware. 28) Tobias Klein via iDefense. 29) Charlie Miller and Dion Blazakis via ZDI. 30) Will Dormann of CERT/CC, Damian Put and an anonymous researcher via ZDI, and Rodrigo Rubira Branco of Check Point Vulnerability Discovery Team. 31) Honggang Ren, Fortinet's FortiGuard Labs. 32) Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR). 36) Matt Warren, HNW Inc.
ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4581
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=898
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0289",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.6.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.2"
},
{
"model": "installer",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.6"
},
{
"model": "installer",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
}
],
"sources": [
{
"db": "BID",
"id": "47023"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:installer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:installer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0190"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aaron Sigel of vtty.com",
"sources": [
{
"db": "BID",
"id": "47023"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0190",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-0190",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-48135",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-0190",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-300",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48135",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48135"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server. Apple Mac OS X is prone to a vulnerability that affects URI processing in Install Helper. \nExploiting this issue can allow attackers to provide unexpected input and possibly bypass input-validation protection mechanisms, leading to the installation of an agent that contacts an arbitrary server. Users may have a false sense of security, believing that the agent contacts Apple, not an arbitrary domain. \nMac OS X 10.6 through 10.6.6 and Mac OS X Server 10.6 through 10.6.6 are vulnerable. \nNOTE: This issue was previously discussed in BID 46950 (Apple Mac OS X Prior to 10.6.7 Multiple Security Vulnerabilities) but has been given its own record to better document it. ----------------------------------------------------------------------\n\n\nMeet Secunia @ Microsoft Management Summit (MMS) in Las Vegas, USA (21-25 March). \n\nhttp://secunia.com/company/events/mms_2011/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Mac OS X Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43814\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43814/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43814\n\nRELEASE DATE:\n2011-03-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43814/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43814/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43814\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nApple has issued a security update for Mac OS X, which fixes multiple\nvulnerabilities. \n\n1) A divide-by-zero error in AirPort when handling Wi-Fi frames can\nbe exploited to cause a system reset. \n\n2) Multiple vulnerabilities in Apache can be exploited by malicious\npeople to disclose potentially sensitive information and by malicious\nusers and malicious people to cause a DoS (Denial of Service). \n\nFor more information:\nSA40206\n\n3) A format string error within AppleScript Studio when handling\ncertain commands via dialogs can be exploited to potentially execute\narbitrary code. \n\n4) An unspecified error in the handling of embedded OpenType fonts in\nApple Type Services (ATS) can be exploited to cause a heap-based\nbuffer overflow when a specially crafted document is viewed or\ndownloaded. \n\n5) Multiple unspecified errors in the handling of embedded TrueType\nfonts in Apple Type Services (ATS) can be exploited to cause a buffer\noverflow when a specially crafted document is viewed or downloaded. \n\n6) Multiple unspecified errors in the handling of embedded Type 1\nfonts in Apple Type Services (ATS) can be exploited to cause a buffer\noverflow when a specially crafted document is viewed or downloaded. \n\n7) Multiple unspecified errors in the handling of SFNT tables in\nembedded fonts in Apple Type Services (ATS) can be exploited to cause\na buffer overflow when a specially crafted document is viewed or\ndownloaded. \n\n8) An integer overflow error in bzip2 can be exploited to terminate\nan application using the library or execute arbitrary code via a\nspecially crafted archive. \n\nFor more information:\nSA41452\n\n9) An error within the \"FSFindFolder()\" API in CarbonCore when used\nwith the \"kTemporaryFolderType\" flag can be exploited to disclose the\ncontents of arbitrary directories. \n\n10) Multiple errors in ClamAV can be exploited by malicious people to\ncause a DoS (Denial of Service) and potentially compromise a\nvulnerable system. \n\nFor more information:\nSA41503\nSA42426\n\n11) An unspecified error in the handling of embedded fonts in\nCoreText can be exploited to corrupt memory when a specially crafted\ndocument is viewed or downloaded. \n\n12) An integer overflow error within the handling of the\nF_READBOOTSTRAP ioctl in HFS, HFS+, and HFS+J filesystems can be\nexploited to read arbitrary files. \n\n13) An error in ImageIO within the handling of JPEG files can be\nexploited to cause a heap-based buffer overflow. \n\n14) An integer overflow error in ImageIO within the handling of XBM\nfiles can be exploited to potentially execute arbitrary code. \n\n15) An error in libTIFF within the handling of JPEG encoded TIFF\nfiles can be exploited to cause a buffer overflow. \n\n16) An error in libTIFF within the handling of CCITT Group 4 encoded\nTIFF files can be exploited to cause a buffer overflow. \n\n17) An integer overflow error in ImageIO within the handling of JPEG\nencoded TIFF files can be exploited to potentially execute arbitrary\ncode. \n\n18) Multiple errors in Image RAW when handling Canon RAW image files\ncan be exploited to cause buffer overflows. \n\n19) An error in the Install Helper when handling URLs can be\nexploited to install an arbitrary agent by tricking the user into\nvisiting a malicious website. \n\n20) Multiple errors in Kerberos can be exploited by malicious users\nand malicious people to conduct spoofing attacks and bypass certain\nsecurity features. \n\nFor more information:\nSA37977\nSA42396\n\n21) An error within the \"i386_set_ldt()\" system call can be exploited\nby malicious, local users to execute arbitrary code with system\nprivileges. \n\n22) An integer truncation error within Libinfo when handling NFS RPC\npackets can be exploited to cause NFS RPC services to become\nunresponsive. \n\n23) An error exists in the libxml library when traversing the XPath. \n\nFor more information:\nSA42175\n\n24) A double free error exists in the libxml library when handling\nXPath expressions. \n\nFor more information:\nSA42721\n\n25) Two errors in Mailman can be exploited by malicious users to\nconduct script insertion attacks. \n\nFor more information:\nSA41265\n\n26) Multiple errors in PHP can be exploited by malicious users and\nmalicious people to bypass certain security restrictions and by\nmalicious people to cause a DoS (Denial of Service) and potentially\ncompromise a vulnerable system. \n\nFor more information:\nSA39573\nSA41724\n\n27) Multiple errors in PHP can be exploited by malicious users and\nmalicious people to bypass certain security restrictions. \n\nFor more information:\nSA41724\n\n28) An error in the OfficeImport framework when processing records\ncontaining formulas shared between multiple cells can be exploited to\ncorrupt memory and potentially execute arbitrary code. \n\n29) An error in QuickLook when handling certain Microsoft Office\nfiles can be exploited to corrupt memory when a specially crafted\ndocument is downloaded. \n\n30) Multiple unspecified errors in QuickTime when handling JPEG2000,\nFlashPix, and panorama atoms in QTVR (QuickTime Virtual Reality)\nmovie files can be exploited to corrupt memory via specially crafted\nfiles. \n\n31) An integer overflow error in QuickTime when handling certain\nmovie files can be exploited to potentially execute arbitrary code\nwhen a specially crafted file is viewed. \n\n32) An error within QuickTime plug-in when handling cross-site\nredirects can be exploited to disclose video data. \n\n33) An integer truncation error within the Ruby BigDecimal class can\nbe exploited to potentially execute arbitrary code. \n\nThis vulnerability only affects 64-bit Ruby processes. \n\n34) A boundary error in Samba can be exploited by malicious people to\npotentially compromise a vulnerable system. \n\nFor more information:\nSA41354\n\n35) A security issue in Subversion can be exploited by malicious\npeople to bypass certain security restrictions. \n\nFor more information:\nSA41652\n\n36) A weakness in Terminal uses SSH version 1 as the default protocol\nversion when using ssh via the \"New Remote Connection\" dialog. \n\n37) Some vulnerabilities in FreeType can be exploited to cause a DoS\n(Denial of Service) or potentially compromise an application using\nthe library. \n\nFor more information:\nSA41738\n\nSOLUTION:\nUpdate to version 10.6.7 or apply Security Update 2011-001. \n\nPROVIDED AND/OR DISCOVERED BY:\n15, 16, 33) Reported by the vendor. \n\nThe vendor credits:\n3) Alexander Strange. \n5) Christoph Diehl of Mozilla, Felix Grobert of the Google Security\nTeam, Marc Schoenefeld of Red Hat Security Response Team, and Tavis\nOrmandy and Will Drewry of Google Security Team. \n6) Felix Grobert, Google Security Team and geekable via ZDI. \n7) Marc Schoenefeld, Red Hat Security Response Team. \n11) Christoph Diehl, Mozilla. \n12) Dan Rosenberg, Virtual Security Research. \n13) Andrzej Dyjak via iDefense. \n14) Harry Sintonen. \n17) Dominic Chell, NGS Secure. \n18) Paul Harrington, NGS Secure. \n19) Aaron Sigel, vtty.com. \n21) Jeff Mears. \n22) Peter Schwenk, University of Delaware. \n28) Tobias Klein via iDefense. \n29) Charlie Miller and Dion Blazakis via ZDI. \n30) Will Dormann of CERT/CC, Damian Put and an anonymous researcher\nvia ZDI, and Rodrigo Rubira Branco of Check Point Vulnerability\nDiscovery Team. \n31) Honggang Ren, Fortinet\u0027s FortiGuard Labs. \n32) Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR). \n36) Matt Warren, HNW Inc. \n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT4581\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=898\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"db": "BID",
"id": "47023"
},
{
"db": "VULHUB",
"id": "VHN-48135"
},
{
"db": "PACKETSTORM",
"id": "99616"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0190",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201103-300",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "43814",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2011-03-21-1",
"trust": 0.6
},
{
"db": "BID",
"id": "47023",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-48135",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99616",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48135"
},
{
"db": "BID",
"id": "47023"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"db": "PACKETSTORM",
"id": "99616"
},
{
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
]
},
"id": "VAR-201103-0289",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48135"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:24:15.406000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4581",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4581"
},
{
"title": "HT4581",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4581?viewlocale=ja_jp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48135"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"db": "NVD",
"id": "CVE-2011-0190"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4581"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00006.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0190"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu636925"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0190"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/43814"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/events/mms_2011/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43814/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43814/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=898"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43814"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48135"
},
{
"db": "BID",
"id": "47023"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"db": "PACKETSTORM",
"id": "99616"
},
{
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48135"
},
{
"db": "BID",
"id": "47023"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"db": "PACKETSTORM",
"id": "99616"
},
{
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-48135"
},
{
"date": "2011-03-21T00:00:00",
"db": "BID",
"id": "47023"
},
{
"date": "2011-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"date": "2011-03-22T09:25:41",
"db": "PACKETSTORM",
"id": "99616"
},
{
"date": "2011-03-23T02:00:06.157000",
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"date": "2011-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-48135"
},
{
"date": "2015-03-19T08:12:00",
"db": "BID",
"id": "47023"
},
{
"date": "2011-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001415"
},
{
"date": "2011-03-23T04:00:00",
"db": "NVD",
"id": "CVE-2011-0190"
},
{
"date": "2011-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X of Install Helper Vulnerable to tracking user login information",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001415"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-300"
}
],
"trust": 0.6
}
}
FKIE_CVE-2011-0190
Vulnerability from fkie_nvd - Published: 2011-03-23 02:00 - Updated: 2025-04-11 00:51| URL | Tags | ||
|---|---|---|---|
| product-security@apple.com | http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html | Patch, Vendor Advisory | |
| product-security@apple.com | http://support.apple.com/kb/HT4581 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4581 | Patch, Vendor Advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| apple | installer | * | |
| apple | mac_os_x | 10.6.0 | |
| apple | mac_os_x | 10.6.1 | |
| apple | mac_os_x | 10.6.2 | |
| apple | mac_os_x | 10.6.3 | |
| apple | mac_os_x | 10.6.4 | |
| apple | mac_os_x | 10.6.5 | |
| apple | mac_os_x | 10.6.6 | |
| apple | installer | * | |
| apple | mac_os_x_server | 10.6.0 | |
| apple | mac_os_x_server | 10.6.1 | |
| apple | mac_os_x_server | 10.6.2 | |
| apple | mac_os_x_server | 10.6.3 | |
| apple | mac_os_x_server | 10.6.4 | |
| apple | mac_os_x_server | 10.6.5 | |
| apple | mac_os_x_server | 10.6.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:installer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "036F0E13-91CB-4C5E-A5C3-6EEAE787EF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "119C8089-8C98-472E-9E9C-1741AA21DD35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "831C5105-6409-4743-8FB5-A91D8956202F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0B63D169-E2AA-4315-891F-B4AF99F2753C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:installer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "036F0E13-91CB-4C5E-A5C3-6EEAE787EF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0D1051-F850-4A02-ABA0-968E1336A518",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C9705A-74D4-43BA-A119-C667678F9A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBF5FE5-4B25-47BE-8D9D-F228746408EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server."
},
{
"lang": "es",
"value": "Install Helper en Installer de Apple Mac OS X antes de v10.6.7, no procesa correctamente una direcci\u00f3n URL no especificada, lo que podr\u00eda permitir a atacantes remotos rastrear los inicios de sesi\u00f3n de usuario grabando el tr\u00e1fico de la red con un agente que intenta enviar tr\u00e1fico de red a un servidor de Apple."
}
],
"id": "CVE-2011-0190",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-23T02:00:06.157",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-0465
Vulnerability from fkie_nvd - Published: 2007-01-31 01:28 - Updated: 2025-04-09 00:30{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:installer:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "07BD942E-EEDB-4B38-9C00-1A8CC3128022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en Apple Installer 2.1.5 sobre Mac OS X 10.4.8 permite a atacantes con la intervenci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de especificaciones del formato de cadena en el nombre de fichero de paquete (1) PKG, (2) DISTZ, o (3) MPKG."
}
],
"id": "CVE-2007-0465",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-01-31T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24966"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/32705"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22272"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017940"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/32705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2011-0190 (GCVE-0-2011-0190)
Vulnerability from cvelistv5 – Published: 2011-03-23 01:00 – Updated: 2024-09-17 03:23- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:43:15.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-23T01:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2011-0190",
"datePublished": "2011-03-23T01:00:00Z",
"dateReserved": "2010-12-23T00:00:00Z",
"dateUpdated": "2024-09-17T03:23:22.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0465 (GCVE-0-2007-0465)
Vulnerability from cvelistv5 – Published: 2007-01-31 01:00 – Updated: 2024-08-07 12:19- n/a
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:29.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "macos-installer-format-string(31883)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "22272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22272"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "32705",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32705"
},
{
"name": "1017940",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017940"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "macos-installer-format-string(31883)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "22272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22272"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "32705",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32705"
},
{
"name": "1017940",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017940"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "macos-installer-format-string(31883)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"name": "24966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24966"
},
{
"name": "22272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22272"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "32705",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32705"
},
{
"name": "1017940",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017940"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0465",
"datePublished": "2007-01-31T01:00:00",
"dateReserved": "2007-01-23T00:00:00",
"dateUpdated": "2024-08-07T12:19:29.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0190 (GCVE-0-2011-0190)
Vulnerability from nvd – Published: 2011-03-23 01:00 – Updated: 2024-09-17 03:23- n/a
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:43:15.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-23T01:00:00Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-0190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Install Helper in Installer in Apple Mac OS X before 10.6.7 does not properly process an unspecified URL, which might allow remote attackers to track user logins by logging network traffic from an agent that was intended to send network traffic to an Apple server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2011-0190",
"datePublished": "2011-03-23T01:00:00Z",
"dateReserved": "2010-12-23T00:00:00Z",
"dateUpdated": "2024-09-17T03:23:22.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0465 (GCVE-0-2007-0465)
Vulnerability from nvd – Published: 2007-01-31 01:00 – Updated: 2024-08-07 12:19- n/a
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:29.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "macos-installer-format-string(31883)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "22272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22272"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "32705",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32705"
},
{
"name": "1017940",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017940"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "macos-installer-format-string(31883)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"name": "24966",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24966"
},
{
"name": "22272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22272"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "TA07-109A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "32705",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32705"
},
{
"name": "1017940",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017940"
},
{
"name": "APPLE-SA-2007-04-19",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "macos-installer-format-string(31883)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31883"
},
{
"name": "24966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24966"
},
{
"name": "22272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22272"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "32705",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32705"
},
{
"name": "1017940",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017940"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/moab/MOAB-26-01-2007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0465",
"datePublished": "2007-01-31T01:00:00",
"dateReserved": "2007-01-23T00:00:00",
"dateUpdated": "2024-08-07T12:19:29.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}