The host is installed with Apple Mac OS X Server 10.6.8, 10.7 through 10.7.5 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly restrict access to files and URLs. Successful exploitation allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts.