Published: 16/08/2015 Updated: 21/09/2017
CVSS v2 Base Score: 4.8 | Impact Score: 4.9 | Exploitability Score: 6.5
VMScore: 427
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

The Dictionary app in Apple OS X prior to 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.

Affected Products

Vendor Product Versions
AppleMac Os X10.10.4

Vendor Advisories

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available To learn more about Apple Product Security, see the Apple Product Security website For information about the Apple Product Security PGP Key, see How to use ...