CVE-2006-4390 — Apple MAC OS X vulnerability

2 documents2 sources

Severity

2.6LOWNVD

EPSS

0.3%

top 48.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedOct 3

Latest updateMay 1

Description

CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/mac_os_x9 versions+8

Patches

Patch: lists.apple.com ↗Patch: securitytracker.com ↗Patch: lists.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-v3x8-7pm6-7mwg: CFNetwork in Apple Mac OS X 10↗2022-05-01

▶