CVE-2009-0013

dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information.

Publication date: Fri, 13 Feb 2009 06:30:00 +0000

Cyber News related to CVE-2009-0013

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
11 years ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
11 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago

CVE-2009-0013 - dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information. ...
6 years ago

CVE-2008-0014 - Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability ...
6 years ago

CVE-2008-0013 - Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability ...
6 years ago

CVE-2008-0012 - Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability ...
6 years ago

CVE-2002-0053 - Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be ...
5 years ago

CVE-2010-0277 - slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a ...
6 years ago

CVE-2006-0013 - Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than ...
5 years ago

CVE-2010-0013 - Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) ...
1 year ago

CVE-2022-0013 - A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue ...
2 years ago

CVE-2021-31883 - A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All ...
2 years ago

CVE-2021-0013 - Improper input validation for Intel(R) EMA before version 1.5.0 may allow an unauthenticated user to potentially enable denial of service via network access. ...
2 years ago

CVE-2000-0013 - IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. ...
15 years ago

CVE-2001-0013 - Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. ...
15 years ago

CVE-2003-0013 - The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow ...
7 years ago

CVE-2004-0013 - jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash). ...
6 years ago

CVE-2015-6971 - Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables. ...
6 years ago

CVE-2014-0013 - Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose ...
5 years ago

CVE-2002-0013 - Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by ...
5 years ago

CVE-2005-0013 - nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges. ...
5 years ago

CVE-2018-0013 - A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system. ...
4 years ago

CVE-2019-0013 - The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only ...
4 years ago

Latest Cyber News

CVE-2024-6229 - 7 hours ago
CVE-2024-40614 - 8 hours ago
CVE-2024-40605 - 23 hours ago
CVE-2024-40604 - 23 hours ago
CVE-2024-40603 - 23 hours ago
CVE-2024-40602 - 23 hours ago
CVE-2024-40601 - 23 hours ago
CVE-2024-40600 - 23 hours ago
CVE-2024-40599 - 23 hours ago
CVE-2024-40598 - 23 hours ago
CVE-2024-40596 - 23 hours ago
CVE-2024-40597 - 23 hours ago
CVE-2024-6095 - 1 day ago
CVE-2024-37554 - 1 day ago
CVE-2024-37553 - 1 day ago
CVE-2024-37547 - 1 day ago
CVE-2024-37546 - 1 day ago
CVE-2024-37542 - 1 day ago
CVE-2024-37541 - 1 day ago
CVE-2024-37539 - 1 day ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 7 months ago
Kimsuky - 7 months ago
LogoFAIL - 7 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-6229 - 7 hours ago
CVE-2024-40614 - 8 hours ago
CVE-2024-40605 - 23 hours ago
CVE-2024-40604 - 23 hours ago
CVE-2024-40603 - 23 hours ago
CVE-2024-40602 - 23 hours ago
CVE-2024-40601 - 23 hours ago
CVE-2024-40600 - 23 hours ago
CVE-2024-40599 - 23 hours ago
CVE-2024-40598 - 23 hours ago
CVE-2024-40596 - 23 hours ago
CVE-2024-40597 - 23 hours ago
CVE-2024-6095 - 1 day ago
CVE-2024-37553 - 1 day ago
CVE-2024-37554 - 1 day ago
CVE-2024-37547 - 1 day ago
CVE-2024-37546 - 1 day ago
CVE-2024-37542 - 1 day ago
CVE-2024-37541 - 1 day ago
CVE-2024-37539 - 1 day ago