CVE-2006-4390
First published: Mon Oct 02 2006(Updated: )
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| macOS Yosemite | =10.4.3 | |
| macOS Yosemite | =10.4.1 | |
| macOS Yosemite | =10.4.7 | |
| macOS Yosemite | =10.4.4 | |
| macOS Yosemite | =10.4 | |
| macOS Yosemite | =10.4.6 | |
| macOS Yosemite | =10.4.5 | |
| macOS Yosemite | =10.3.9 | |
| macOS Yosemite | =10.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
- http://securitytracker.com/id?1016952
- http://www.securityfocus.com/bid/20271
- http://secunia.com/advisories/22187
- http://www.osvdb.org/29267
- http://www.vupen.com/english/advisories/2006/3852
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29277
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/apple
- canonical/macos yosemite
- version/macos yosemite/10.4.3
- version/macos yosemite/10.4.1
- version/macos yosemite/10.4.7
- version/macos yosemite/10.4.4
- version/macos yosemite/10.4
- version/macos yosemite/10.4.6
- version/macos yosemite/10.4.5
- version/macos yosemite/10.3.9
- version/macos yosemite/10.4.2