CVE-2010-0502
First published: Tue Mar 30 2010(Updated: )
iChat Server in Apple Mac OS X Server before 10.6.3, when group chat is used, does not perform logging for all types of messages, which might allow remote attackers to avoid message auditing via an unspecified selection of message type.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS and macOS | =10.5.2 | |
| Apple iOS and macOS | =10.5.8 | |
| Apple iOS and macOS | =10.5.5 | |
| Apple iOS and macOS | =10.5.1 | |
| Apple iOS and macOS | =10.5.6 | |
| Apple iOS and macOS | =10.5.0 | |
| Apple iOS and macOS | =10.5.3 | |
| Apple iOS and macOS | =10.5.4 | |
| Apple iOS and macOS | =10.5.7 | |
| Apple iOS and macOS | =10.6.1 | |
| Apple iOS and macOS | =10.6.0 | |
| Apple iOS and macOS | =10.5 | |
| Apple iOS and macOS | <=10.6.2 | |
| <=10.6.2 | ||
| =10.5 | ||
| =10.5.0 | ||
| =10.5.1 | ||
| =10.5.2 | ||
| =10.5.3 | ||
| =10.5.4 | ||
| =10.5.5 | ||
| =10.5.6 | ||
| =10.5.7 | ||
| =10.5.8 | ||
| =10.6.0 | ||
| =10.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the impact of CVE-2010-0502 on iChat Server in Apple Mac OS X Server?
CVE-2010-0502 allows remote attackers to avoid message auditing due to insufficient logging for certain message types.
Which versions of Apple Mac OS X Server are affected by CVE-2010-0502?
CVE-2010-0502 affects Apple Mac OS X Server versions from 10.5.0 up to and including 10.6.2.
How can I mitigate the effects of CVE-2010-0502?
To mitigate CVE-2010-0502, upgrade your iChat Server to version 10.6.3 or later.
What kind of messages are not logged due to CVE-2010-0502?
CVE-2010-0502 affects the logging of certain types of messages during group chat in iChat Server.
Is CVE-2010-0502 considered a serious vulnerability?
Yes, CVE-2010-0502 is a serious vulnerability as it compromises message auditing, which is critical for security.
- agent/references
- agent/type
- agent/remedy
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/apple
- canonical/apple ios and macos
- version/apple ios and macos/10.5.2
- version/apple ios and macos/10.5.8
- version/apple ios and macos/10.5.5
- version/apple ios and macos/10.5.1
- version/apple ios and macos/10.5.6
- version/apple ios and macos/10.5.0
- version/apple ios and macos/10.5.3
- version/apple ios and macos/10.5.4
- version/apple ios and macos/10.5.7
- version/apple ios and macos/10.6.1
- version/apple ios and macos/10.6.0
- version/apple ios and macos/10.5
- version/apple ios and macos/10.6.2