CVE-2006-4390
First published: Mon Oct 02 2006(Updated: )
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Mac OS X | =10.4.3 | |
| Apple Mac OS X | =10.4.1 | |
| Apple Mac OS X | =10.4.7 | |
| Apple Mac OS X | =10.4.4 | |
| Apple Mac OS X | =10.4 | |
| Apple Mac OS X | =10.4.6 | |
| Apple Mac OS X | =10.4.5 | |
| Apple Mac OS X | =10.3.9 | |
| Apple Mac OS X | =10.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
- http://securitytracker.com/id?1016952
- http://www.securityfocus.com/bid/20271
- http://secunia.com/advisories/22187
- http://www.osvdb.org/29267
- http://www.vupen.com/english/advisories/2006/3852
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29277
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple mac os x
- version/apple mac os x/10.4.3
- version/apple mac os x/10.4.1
- version/apple mac os x/10.4.7
- version/apple mac os x/10.4.4
- version/apple mac os x/10.4
- version/apple mac os x/10.4.6
- version/apple mac os x/10.4.5
- version/apple mac os x/10.3.9
- version/apple mac os x/10.4.2