Apple: >> Mac Os X Server >> 10.6.4 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.002
Published
2010-11-16
Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted xar archive.
CVSS Score
6.8
EPSS Score
0.024
Published
2010-11-16
Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image.
CVSS Score
7.1
EPSS Score
0.008
Published
2010-11-16
ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PSD image.
CVSS Score
6.8
EPSS Score
0.018
Published
2010-11-16
Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image.
CVSS Score
6.8
EPSS Score
0.014
Published
2010-11-16
The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.0
Published
2010-11-16
Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.002
Published
2010-11-16
The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls.
CVSS Score
5.0
EPSS Score
0.004
Published
2010-11-16
Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet.
CVSS Score
7.8
EPSS Score
0.016
Published
2010-11-16
Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share.
CVSS Score
6.0
EPSS Score
0.007
Published
2010-11-15