CVE-2010-0498

Apple Mac OS X < 10.6.2 - Authentication Bypass

Title source: rule

Description

Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors.

References (2)

[Patch, Vendor Advisory] http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

[Patch, Vendor Advisory] http://support.apple.com/kb/HT4077

Scores

EPSS 0.0004

EPSS Percentile 12.7%

Classification

CWE

CWE-287

Status draft

Affected Products (26)

apple/mac_os_x < 10.6.2

apple/mac_os_x

apple/mac_os_x_server < 10.6.2

apple/mac_os_x_server

... and 11 more

Timeline

Published Mar 30, 2010

Tracked Since Feb 18, 2026