Apple Mac OS X Server vulnerabilities

654 known vulnerabilities affecting apple/mac_os_x_server.

Total CVEs: 654
CISA KEV: 0
Public exploits: 50
Exploited in wild: 0
Severity breakdown: CRITICAL 75, HIGH 157, MEDIUM 363, LOW 59

Vulnerabilities

Page 10 of 33
CVE-2010-1374 | MEDIUM | CVSS 4.3 | v10.5.8, v10.6.0, +3 more | 2010-06-17
CWE-22: Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation.
nvd
CVE-2010-1376 | MEDIUM | CVSS 6.8 | v10.6.0, v10.6.1, +2 more | 2010-06-17
CWE-134: Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) afp, (2) cifs, or (3) smb URL.
nvd
CVE-2010-0543 | MEDIUM | CVSS 6.8 | v10.5.8, v10.6.0, +1 more | 2010-06-17
CWE-119: ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with MPEG2 encoding.
nvd
CVE-2010-1411 | MEDIUM | CVSS 6.8 | v10.5.8, v10.6.0, +3 more | 2010-06-17
CWE-189: Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer ove
nvd
CVE-2010-1379 | MEDIUM | CVSS 5.0 | v10.6.0, v10.6.1, +2 more | 2010-06-17
CWE-20: Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service (printing failure) by deploying a printing device that has a Unicode character in its printing-service name.
nvd
CVE-2010-0540 | MEDIUM | CVSS 6.0 | v10.5.8, v10.6.0, +3 more | 2010-06-17
CWE-352: Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.
nvd
CVE-2010-0541 | MEDIUM | CVSS 4.3 | v10.5.8, v10.6.0, +3 more | 2010-06-17
CWE-79: Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
nvd
CVE-2010-0545 | MEDIUM | CVSS 4.4 | v10.5.8, v10.6.0, +3 more | 2010-06-17
CWE-264: The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, does not set the expected file ownerships during an "Apply to enclosed items" action, which allows local users to bypass intended access restrictions via normal filesystem operations.
nvd
CVE-2010-1373 | MEDIUM | CVSS 4.3 | v10.6.0, v10.6.1, +2 more | 2010-06-17
CWE-79: Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."
nvd
CVE-2010-1381 | LOW | CVSS 3.5 | v10.5.8, v10.6.0, +3 more | 2010-06-17
The default configuration of SMB File Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, enables support for wide links, which allows remote authenticated users to access arbitrary files via vectors involving symbolic links. NOTE: this might overlap CVE-2010-0926.
nvd
CVE-2010-0546 | LOW | CVSS 3.3 | v10.5.8, v10.6.0, +3 more | 2010-06-17
CWE-59: Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder.
nvd
CVE-2010-1382 | LOW | CVSS 3.5 | v10.5.8, v10.6.0, +3 more | 2010-06-17
CWE-79: Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field.
nvd
CVE-2010-0512 | CRITICAL | CVSS 9.3 | v10.6.0, v10.6.1, +1 more | 2010-03-30
CWE-264: The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials.
nvd
CVE-2010-0508 | CRITICAL | CVSS 10.0 | ≤ 10.6.2, v10.5, +11 more | 2010-03-30
Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors.
nvd
CVE-2010-0522 | CRITICAL | CVSS 9.0 | v10.5.8 | 2010-03-30
CWE-264: Server Admin in Apple Mac OS X Server 10.5.8 does not properly determine the privileges of users who had former membership in the admin group, which allows remote authenticated users to leverage this former membership to obtain a server connection via screen sharing.
nvd
CVE-2010-0055 | CRITICAL | CVSS 10.0 | v10.5.8 | 2010-03-30
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
nvd
CVE-2010-0510 | CRITICAL | CVSS 9.0 | ≤ 10.6.2, v10.5, +11 more | 2010-03-30
CWE-255: Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replication, which might allow remote authenticated users to obtain login access via an expired password.
nvd
CVE-2010-0533 | HIGH | CVSS 7.5 | ≤ 10.6.2, v10.6.0, +1 more | 2010-03-30
CWE-22: Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors.
nvd
CVE-2010-0498 | HIGH | CVSS 7.2 | ≤ 10.6.2, v10.5, +11 more | 2010-03-30
CWE-287: Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors.
nvd
CVE-2010-0500 | HIGH | CVSS 7.8 | ≤ 10.6.2, v10.5, +11 more | 2010-03-30
CWE-20: Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue."
nvd