What is the severity of CVE-2007-4680?

CVE-2007-4680 is considered a high severity vulnerability due to the potential for man-in-the-middle attacks.

How do I fix CVE-2007-4680?

To fix CVE-2007-4680, update your Apple Mac OS X to version 10.4.11 or later as this version includes the necessary security patches.

What is affected by CVE-2007-4680?

CVE-2007-4680 affects Apple Mac OS X versions 10.3.9 and 10.4 through 10.4.10 due to improper SSL certificate validation.

What type of attack does CVE-2007-4680 enable?

CVE-2007-4680 enables remote attacks that can spoof trusted SSL certificates through a man-in-the-middle attack.

How can I verify if my system is vulnerable to CVE-2007-4680?

You can verify if your system is vulnerable to CVE-2007-4680 by checking the version of your Apple Mac OS X and ensuring it is updated to 10.4.11 or later.

Vulnerability/
CVE-2007-4680

medium

6.8

CWE

287

15/11/2007

7/8/2024

CVE-2007-4680

First published: Thu Nov 15 2007(Updated: )

CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
macOS Yosemite	=10.4.3
Apple Mac OS X Server	=10.4.3
Apple Mac OS X Server	=10.4.10
Apple Mac OS X Server	=10.4.9
macOS Yosemite	=10.4.1
Apple Mac OS X Server	=10.4.2
Apple Mac OS X Server	=10.4.4
Apple Mac OS X Server	=10.4.1
macOS Yosemite	=10.4.9
macOS Yosemite	=10.4.7
macOS Yosemite	=10.4.4
Apple Mac OS X Server	=10.4
Apple Mac OS X Server	=10.4.5
macOS Yosemite	=10.4
Apple Mac OS X Server	=10.4.6
Apple Mac OS X Server	=10.3.9
Apple Mac OS X Server	=10.4.8
macOS Yosemite	=10.4.6
macOS Yosemite	=10.4.5
macOS Yosemite	=10.3.9
macOS Yosemite	=10.4.8
macOS Yosemite	<=10.4.10
Apple Mac OS X Server	=10.4.7
macOS Yosemite	=10.4.2
macOS Yosemite	<=10.4.10
macOS Yosemite	=10.3.9
macOS Yosemite	=10.4
Apple Mac OS X Server	=10.3.9
Apple Mac OS X Server	=10.4
Apple Mac OS X Server	=10.4.1
Apple Mac OS X Server	=10.4.2
Apple Mac OS X Server	=10.4.3
Apple Mac OS X Server	=10.4.4
Apple Mac OS X Server	=10.4.5
Apple Mac OS X Server	=10.4.6
Apple Mac OS X Server	=10.4.7
Apple Mac OS X Server	=10.4.8
Apple Mac OS X Server	=10.4.9
Apple Mac OS X Server	=10.4.10

Remedy

http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-4680?
CVE-2007-4680 is considered a high severity vulnerability due to the potential for man-in-the-middle attacks.
How do I fix CVE-2007-4680?
To fix CVE-2007-4680, update your Apple Mac OS X to version 10.4.11 or later as this version includes the necessary security patches.
What is affected by CVE-2007-4680?
CVE-2007-4680 affects Apple Mac OS X versions 10.3.9 and 10.4 through 10.4.10 due to improper SSL certificate validation.
What type of attack does CVE-2007-4680 enable?
CVE-2007-4680 enables remote attacks that can spoof trusted SSL certificates through a man-in-the-middle attack.
How can I verify if my system is vulnerable to CVE-2007-4680?
You can verify if your system is vulnerable to CVE-2007-4680 by checking the version of your Apple Mac OS X and ensuring it is updated to 10.4.11 or later.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/author
agent/weakness
agent/last-modified-date
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/softwarecombine
vendor/apple
canonical/macos yosemite
version/macos yosemite/10.4.3
canonical/apple mac os x server
version/apple mac os x server/10.4.3
version/apple mac os x server/10.4.10
version/apple mac os x server/10.4.9
version/macos yosemite/10.4.1
version/apple mac os x server/10.4.2
version/apple mac os x server/10.4.4
version/apple mac os x server/10.4.1
version/macos yosemite/10.4.9
version/macos yosemite/10.4.7
version/macos yosemite/10.4.4
version/apple mac os x server/10.4
version/apple mac os x server/10.4.5
version/macos yosemite/10.4
version/apple mac os x server/10.4.6
version/apple mac os x server/10.3.9
version/apple mac os x server/10.4.8
version/macos yosemite/10.4.6
version/macos yosemite/10.4.5
version/macos yosemite/10.3.9
version/macos yosemite/10.4.8
version/macos yosemite/10.4.10
version/apple mac os x server/10.4.7
version/macos yosemite/10.4.2

Frequently Asked Questions

What is the severity of CVE-2007-4680?
CVE-2007-4680 is considered a high severity vulnerability due to the potential for man-in-the-middle attacks.
How do I fix CVE-2007-4680?
To fix CVE-2007-4680, update your Apple Mac OS X to version 10.4.11 or later as this version includes the necessary security patches.
What is affected by CVE-2007-4680?
CVE-2007-4680 affects Apple Mac OS X versions 10.3.9 and 10.4 through 10.4.10 due to improper SSL certificate validation.
What type of attack does CVE-2007-4680 enable?
CVE-2007-4680 enables remote attacks that can spoof trusted SSL certificates through a man-in-the-middle attack.
How can I verify if my system is vulnerable to CVE-2007-4680?
You can verify if your system is vulnerable to CVE-2007-4680 by checking the version of your Apple Mac OS X and ensuring it is updated to 10.4.11 or later.

CVE-2007-4680

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-4680?

How do I fix CVE-2007-4680?

What is affected by CVE-2007-4680?

What type of attack does CVE-2007-4680 enable?

How can I verify if my system is vulnerable to CVE-2007-4680?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2007-4680?

How do I fix CVE-2007-4680?

What is affected by CVE-2007-4680?

What type of attack does CVE-2007-4680 enable?

How can I verify if my system is vulnerable to CVE-2007-4680?