Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-3422
Description:The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate, as demonstrated by https access with Safari.
Test IDs: 1.3.6.1.4.1.25623.1.0.902474  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-3422
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
BugTraq ID: 49429
http://www.securityfocus.com/bid/49429
http://www.computerworld.com/s/article/9219669/Mac_OS_X_can_t_properly_revoke_dodgy_digital_certificates
http://www.securitytracker.com/id?1026002
XForce ISS Database: macos-keychain-sec-bypass(69556)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69556




© 1998-2024 E-Soft Inc. All rights reserved.