Vulnerabilities > Apple > MAC OS X Server > 10.6.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-06-24 | CVE-2011-0199 | Improper Certificate Validation vulnerability in Apple mac OS X and mac OS X Server The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate. | 5.9 |
| 2011-06-21 | CVE-2011-1755 | XML Entity Expansion vulnerability in multiple products jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 7.5 |
| 2010-06-22 | CVE-2010-1637 | Server-Side Request Forgery (SSRF) vulnerability in multiple products The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number. | 6.5 |