cpe:/o:apple:mac_os_x:10.6 cpe:/o:apple:mac_os_x:10.6.1 cpe:/o:apple:mac_os_x_server:10.6 cpe:/o:apple:mac_os_x_server:10.6.1 CVE-2009-2836 2009-11-10T14:30:01.563-05:00 2009-11-17T02:03:00.627-05:00 6.2 LOCAL HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-11-11T12:08:00.000-05:00 ALLOWS_ADMIN_ACCESS BID 36956 VUPEN ADV-2009-3184 APPLE APPLE-SA-2009-11-09-1 CONFIRM http://support.apple.com/kb/HT3937 Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, when at least one account has a blank password, allows attackers to bypass password authentication and obtain login access to an arbitrary account via unspecified vectors.