Vulnerabilities > Apple > MAC OS X Server > 10.6.1

DATE CVE VULNERABILITY TITLE RISK
2017-04-13 CVE-2010-1821 Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
local
low complexity
apple CWE-20
7.2
2017-04-13 CVE-2010-1816 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.
network
apple CWE-119
critical
9.3
2013-06-05 CVE-2013-0984 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
network
apple CWE-119
critical
9.3
2012-09-20 CVE-2012-3723 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) by attaching a USB device.
local
low complexity
apple CWE-119
4.6
2012-09-20 CVE-2012-3722 Resource Management Errors vulnerability in Apple Iphone OS, mac OS X and mac OS X Server
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
network
apple CWE-399
6.8
2012-09-20 CVE-2012-3719 Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server
Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows remote attackers to execute arbitrary plugin code via an e-mail message that triggers the loading of a third-party plugin.
network
apple CWE-20
6.8
2012-09-20 CVE-2012-3718 Information Exposure vulnerability in Apple mac OS X and mac OS X Server
Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that intercepts keystrokes.
local
low complexity
apple CWE-200
2.1
2012-09-20 CVE-2012-0650 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server
Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
network
low complexity
apple CWE-119
7.5
2012-05-11 CVE-2012-0675 Improper Authentication vulnerability in Apple mac OS X and mac OS X Server
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.
network
apple CWE-287
4.3
2012-05-11 CVE-2012-0662 Numeric Errors vulnerability in Apple mac OS X and mac OS X Server
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
network
low complexity
apple CWE-189
7.5