Spyware Sucks

http://docs.info.apple.com/article.html?artnum=304460

CFNetwork - Impact: CFNetwork clients such as Safari may allow unauthenticated SSL sites to appear as authenticated

Flash Player - Impact: Playing Flash content may lead to arbitrary code execution

ImageIO - Impact: Viewing a maliciously-crafted JPEG2000 image may lead to an application crash or arbitrary code execution

Kernel - Impact: Local users may be able to run arbitrary code with raised privileges

LoginWindow - Impact: After an unsuccessful attempt to log in to a network account, Kerberos tickets may be accessible to other local users

LoginWindow - Impact: Kerberos tickets may be accessible to other local users if Fast User Switching is enabled

LoginWindow - Impact: Network accounts may be able to bypass loginwindow service access controls

Preferences - Impact: After removing an account's Admin privileges, the account may still manage WebObjects applications

QuickDraw Manager - Impact: Opening a malicious PICT image with certain applications may lead to an application crash or arbitrary code execution

SASL - Impact: Remote attackers may be able to cause an IMAP server denial of service

WebCore - Impact: Viewing a maliciously-crafted web page may lead to arbitrary code execution

WorkGroup Manager - Impact: Accounts in a NetInfo parent that appear to use ShadowHash passwords may still use crypt