Mac Os X Server Security Vulnerabilities and Issues — Page 3 of Mac Os X Server CVE List

Lucene search

AppleMac Os X Server

110 matches found

CVE•added 2010/11/16 10:0 p.m.•41 views

CVE-2010-1845

ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PSD image.

6.8CVSS9.3AI score0.01796EPSS

CVE•added 2010/03/30 6:30 p.m.•40 views

CVE-2010-0500

Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue."

7.8CVSS8.3AI score0.00428EPSS

CVE•added 2010/03/30 6:30 p.m.•39 views

CVE-2010-0511

Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the access restrictions of a Podcast Composer workflow when this workflow is overwritten, which allows attackers to access a workflow via unspecified vectors.

5CVSS8.1AI score0.00229EPSS

CVE•added 2010/03/30 6:30 p.m.•39 views

CVE-2010-0518

QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with Sorenson encoding.

6.8CVSS9.3AI score0.02057EPSS

CVE•added 2010/03/30 6:30 p.m.•38 views

CVE-2010-0502

iChat Server in Apple Mac OS X Server before 10.6.3, when group chat is used, does not perform logging for all types of messages, which might allow remote attackers to avoid message auditing via an unspecified selection of message type.

4.3CVSS8.6AI score0.00229EPSS

CVE•added 2010/03/30 6:30 p.m.•38 views

CVE-2010-0503

Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

6.5CVSS8.8AI score0.01244EPSS

CVE•added 2010/08/25 8:0 p.m.•38 views

CVE-2010-1802

libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con cert...

6.4CVSS8.1AI score0.00119EPSS

CVE•added 2010/08/25 8:0 p.m.•37 views

CVE-2010-1800

CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.

5CVSS7.8AI score0.00297EPSS

CVE•added 2010/03/30 6:30 p.m.•36 views

CVE-2010-0062

Heap-based buffer overflow in quicktime.qts in CoreMedia and QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed .3g2 movie file with H.263 encoding that triggers an incorrect buffer length calc...

6.8CVSS9.4AI score0.03588EPSS

CVE•added 2010/03/30 6:30 p.m.•36 views

CVE-2010-0512

The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials.

9.3CVSS8.2AI score0.00414EPSS

Total number of security vulnerabilities110