What is the severity of CVE-2009-1682?

CVE-2009-1682 is considered a moderate severity vulnerability due to its potential for abuse in phishing attacks.

How does CVE-2009-1682 affect Apple Safari?

CVE-2009-1682 affects Apple Safari by failing to properly check for revoked Extended Validation (EV) certificates.

How do I fix CVE-2009-1682?

The resolution for CVE-2009-1682 is to update Apple Safari to version 4.0 or later, where the vulnerability is patched.

Which versions of Safari are affected by CVE-2009-1682?

CVE-2009-1682 affects all versions of Apple Safari prior to 4.0, including versions 1.0 through 3.2.

What types of attacks could exploit CVE-2009-1682?

CVE-2009-1682 could be exploited through man-in-the-middle attacks that use invalid certificates, potentially leading to data interception.

Vulnerability/
CVE-2009-1682

medium

4.3

CWE

255

10/6/2009

19/6/2009

CVE-2009-1682

First published: Wed Jun 10 2009(Updated: )

Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Apple Mobile Safari	=3.1.2
Apple Mobile Safari	=3.2.1
Apple Mobile Safari	=0.9
Apple Mobile Safari	=1.3.2
Apple Mobile Safari	=1.2
Apple Mobile Safari	=3.0.4
Apple Mobile Safari	=3.0.3
Apple Mobile Safari	=1.3.1
Apple Mobile Safari	=2.0.4
Apple Mobile Safari	=3.0
Apple Mobile Safari	=3.2.3
Apple Mobile Safari	=1.1
Apple Mobile Safari	<=4.0_beta
Apple Mobile Safari	=3.1
Apple Mobile Safari	=2.0
Apple Mobile Safari	=3.0.2
Apple Mobile Safari	=1.0.3
Apple Mobile Safari	=1.0
Apple Mobile Safari	=2.0.2
Apple Mobile Safari	=3.1.1
Apple Mobile Safari	=1.3
Apple Mobile Safari	=0.8
Apple Mobile Safari	=3.2
Apple Mobile Safari	=3.0.3
Apple Mobile Safari	=3.0.1
Apple Mobile Safari	=3.1.2
Apple Mobile Safari	<=3.2.3
Apple Mobile Safari	=3.0.2
Apple Mobile Safari	=3.1
Apple Mobile Safari	=3.1.1
Apple Mobile Safari	=3.0
Apple Mobile Safari	=3.2.2
Apple Mobile Safari	=3.2.1
Apple Mobile Safari	=3.0.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1682?
CVE-2009-1682 is considered a moderate severity vulnerability due to its potential for abuse in phishing attacks.
How does CVE-2009-1682 affect Apple Safari?
CVE-2009-1682 affects Apple Safari by failing to properly check for revoked Extended Validation (EV) certificates.
How do I fix CVE-2009-1682?
The resolution for CVE-2009-1682 is to update Apple Safari to version 4.0 or later, where the vulnerability is patched.
Which versions of Safari are affected by CVE-2009-1682?
CVE-2009-1682 affects all versions of Apple Safari prior to 4.0, including versions 1.0 through 3.2.
What types of attacks could exploit CVE-2009-1682?
CVE-2009-1682 could be exploited through man-in-the-middle attacks that use invalid certificates, potentially leading to data interception.

agent/severity
agent/references
agent/weakness
agent/author
agent/type
agent/event
agent/description
agent/remedy
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/apple
canonical/apple mobile safari
version/apple mobile safari/3.1.2
version/apple mobile safari/3.2.1
version/apple mobile safari/0.9
version/apple mobile safari/1.3.2
version/apple mobile safari/1.2
version/apple mobile safari/3.0.4
version/apple mobile safari/3.0.3
version/apple mobile safari/1.3.1
version/apple mobile safari/2.0.4
version/apple mobile safari/3.0
version/apple mobile safari/3.2.3
version/apple mobile safari/1.1
version/apple mobile safari/4.0_beta
version/apple mobile safari/3.1
version/apple mobile safari/2.0
version/apple mobile safari/3.0.2
version/apple mobile safari/1.0.3
version/apple mobile safari/1.0
version/apple mobile safari/2.0.2
version/apple mobile safari/3.1.1
version/apple mobile safari/1.3
version/apple mobile safari/0.8
version/apple mobile safari/3.2
version/apple mobile safari/3.0.1
version/apple mobile safari/3.2.2

CVE-2009-1682

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1682?

How does CVE-2009-1682 affect Apple Safari?

How do I fix CVE-2009-1682?

Which versions of Safari are affected by CVE-2009-1682?

What types of attacks could exploit CVE-2009-1682?

Company

Resources

Contact