Apple issued the patches, available through its Web site, Thursday. The flaws affect versions 10.3.9 and 10.4.2 of the Mac OS X operating system, as well as related server software.
Symantec and the French Security Incident Response Team both said the vulnerabilities are serious and that the need to patch them is urgent. However, no exploits for them have been reported, Symantec noted in an alert sent to members of its DeepSight service Friday.
The flaws expose affected machines to remote attack using arbitrary commands and e-mail interception, according to Apple's bulletin. Certain vulnerabilities could also be exploited for a denial-of-service attack, FrSirt said in an online advisory.
Apple declined to comment on the security patches Friday.
The company has previously released patches for these Mac OS X versions. In one of its bigger security updates, the company last month unloaded fixes for. Last May, it released an update for 20 vulnerabilities, and in March, it distributed an update for a dozen security bugs.