Vulnerabilities > Apple > MAC OS X Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-03-23 | CVE-2011-0182 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry. | 7.2 |
| 2010-11-16 | CVE-2010-1844 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image. | 7.1 |
| 2010-11-16 | CVE-2010-1843 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet. | 7.8 |
| 2010-11-15 | CVE-2010-1840 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 7.5 |
| 2010-06-17 | CVE-2010-1380 | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes. | 7.5 |
| 2010-06-17 | CVE-2010-1375 | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors. | 7.2 |
| 2010-03-30 | CVE-2010-0524 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The default configuration of the FreeRADIUS server in Apple Mac OS X Server before 10.6.3 permits EAP-TLS authenticated connections on the basis of an arbitrary client certificate, which allows remote attackers to obtain network connectivity via a crafted RADIUS Access Request message. | 7.5 |
| 2010-03-30 | CVE-2010-0509 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accounts. | 7.2 |
| 2010-03-30 | CVE-2010-0504 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X Server Multiple stack-based buffer overflows in iChat Server in Apple Mac OS X Server before 10.6.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 7.5 |
| 2010-03-30 | CVE-2010-0500 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a crafted DNS PTR record, related to a "plist injection issue." | 7.8 |