CVE-2010-0535 — Apple MAC OS X vulnerability

CWE-2646 documents5 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 62.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple MAC OS X Server

Timeline

PublishedMar 30

Latest updateMay 2

Description

Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages2 packages

▶NVDapple/mac_os_x10.6.0, 10.6.1, 10.6.2+2

▶NVDapple/mac_os_x_server10.6.0, 10.6.1, 10.6.2+2

🔴Vulnerability Details

GHSA

GHSA-362c-mvq7-4vmp: Dovecot in Apple Mac OS X 10↗2022-05-02

▶

CVEList

CVE-2010-0535: Dovecot in Apple Mac OS X 10↗2010-03-30

▶

📋Vendor Advisories

Debian

CVE-2010-0535: dovecot - Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not...↗2010

▶

💬Community

Bugzilla

CVE-2010-4728 CVE-2011-0535 CVE-2011-0911 zikula various flaws [epel-all]↗2011-02-09

▶