Lucene search
AppleCVE-2010-0535HistoryMar 30, 2010 - 6:30 p.m.
CVE-2010-0535
2010-03-3018:30:01
CWE-264
apple
web.nvd.nist.gov
31
cve-2010-0535
dovecot
apple
mac os x
kerberos
access control
email
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.002
Percentile
58.8%
Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
Affected configurations
Node
applemac_os_xMatch10.6.0
ORapplemac_os_xMatch10.6.1
ORapplemac_os_xMatch10.6.2
ORapplemac_os_x_serverMatch10.6.0
ORapplemac_os_x_serverMatch10.6.1
ORapplemac_os_x_serverMatch10.6.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | mac_os_x | 10.6.0 | cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.6.1 | cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:* |
| apple | mac_os_x | 10.6.2 | cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:* |
| apple | mac_os_x_server | 10.6.0 | cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:* |
| apple | mac_os_x_server | 10.6.1 | cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:* |
| apple | mac_os_x_server | 10.6.2 | cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2010-0535
2010-03-30 18:00:00
debiancve
debiancve
CVE-2010-0535
2010-03-30 18:30:01
nvd
nvd
CVE-2010-0535
2010-03-30 18:30:01
prion
prion
Design/Logic Flaw
2010-03-30 18:30:00
nessus
nessus
Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities
2010-03-29 00:00:00
openvas
openvas
Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
2010-05-12 00:00:00
Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
2010-05-12 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.002
Percentile
58.8%
Related for CVE-2010-0535