CFNetwork in Apple Mac OS X 10.4 up to and including 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.4 |
||
apple mac os x 10.4.1 |
||
apple mac os x 10.4.4 |
||
apple mac os x 10.4.5 |
||
apple mac os x 10.4.2 |
||
apple mac os x 10.4.3 |
||
apple mac os x 10.3.9 |
||
apple mac os x 10.4.6 |
||
apple mac os x 10.4.7 |