Apple Mac Os X Server vulnerabilities

CVE-2009-2843 [MEDIUM] CWE-310 CVE-2009-2843: Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for app Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet.

CVE-2009-3553 [HIGH] CWE-416 CVE-2009-3553: Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly

CVE-2009-2819 [CRITICAL] CWE-399 CVE-2009-2819: AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a d AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors.

CVE-2009-2833 [HIGH] CWE-119 CVE-2009-2833: Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

CVE-2009-2828 [HIGH] CWE-399 CVE-2009-2828: The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CVE-2009-2808 [MEDIUM] CWE-310 CVE-2009-2808: Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help Help Viewer in Apple Mac OS X before 10.6.2 does not use an HTTPS connection to retrieve Apple Help content from a web site, which allows man-in-the-middle attackers to send a crafted help:runscript link, and thereby execute arbitrary code, via a spoofed response.

CVE-2009-2829 [MEDIUM] CWE-255 CVE-2009-2829: Event Monitor in Apple Mac OS X 10.5.8 does not properly handle crafted authentication data sent to Event Monitor in Apple Mac OS X 10.5.8 does not properly handle crafted authentication data sent to an SSH daemon, which allows remote attackers to cause a denial of service via vectors involving processing of XML log documents by other services, related to a "log injection" issue.

CVE-2009-2818 [MEDIUM] CWE-264 CVE-2009-2818: Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH Adaptive Firewall in Apple Mac OS X before 10.6.2 does not properly handle invalid usernames in SSH login attempts, which makes it easier for remote attackers to obtain login access via a brute-force attack (aka dictionary attack).

CVE-2009-2840 [MEDIUM] CVE-2009-2840: Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local user Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary files, which allows local users to overwrite arbitrary files in the context of a different user's privileges via unspecified vectors.

CVE-2009-2824 [MEDIUM] CWE-119 CVE-2009-2824: Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attacke Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document.

CVE-2009-2835 [MEDIUM] CWE-20 CVE-2009-2835: The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allow The kernel in Apple Mac OS X before 10.6.2 does not properly handle task state segments, which allows local users to gain privileges, cause a denial of service (system crash), or obtain sensitive information via unspecified vectors.

CVE-2009-2810 [MEDIUM] CVE-2009-2810: Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upo Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message.

CVE-2009-2827 [MEDIUM] CWE-119 CVE-2009-2827: Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attac Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk image.

CVE-2009-2823 [MEDIUM] CWE-79 CVE-2009-2823: The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows r The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.

CVE-2009-2825 [MEDIUM] CVE-2009-2825: Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408

CVE-2009-2820 [MEDIUM] CWE-79 CVE-2009-2820: The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configurati

CVE-2009-2836 [MEDIUM] CWE-362 CVE-2009-2836: Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, when at least one account has Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, when at least one account has a blank password, allows attackers to bypass password authentication and obtain login access to an arbitrary account via unspecified vectors.

CVE-2009-2831 [MEDIUM] CVE-2009-2831: Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any conte Dictionary in Apple Mac OS X 10.5.8 allows remote attackers to create arbitrary files with any contents, and thereby execute arbitrary code, via crafted JavaScript, related to a "design issue."

CVE-2009-2830 [MEDIUM] CVE-2009-2830: Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file. NOTE: this might overlap CVE-2009-1515.

CVE-2009-2839 [MEDIUM] CWE-399 CVE-2009-2839: Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.