Описание
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4390
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29277
- http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
- http://secunia.com/advisories/22187
- http://securitytracker.com/id?1016952
- http://www.osvdb.org/29267
- http://www.securityfocus.com/bid/20271
- http://www.vupen.com/english/advisories/2006/3852
EPSS
CVE ID
Связанные уязвимости
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
EPSS