CVE-2008-4368Apple MAC OS X vulnerability

CWE-31012 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 50.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple MAC OS X
Timeline
PublishedOct 1
Latest updateMay 2

Description

The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 contains a jurisdiction policy that limits Java Cryptography Extension (JCE) key sizes to 128 bits, which makes it easier for attackers to decrypt ciphertext produced by JCE.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/mac_os_x10.5.4, 10.5.5+1

🔴Vulnerability Details

1
GHSA
GHSA-6w6j-pxvf-wrx2: The default configuration of Java 12022-05-02

📋Vendor Advisories

10
Citrix
Citrix Security Bulletin CTX116930
Citrix
Citrix Security Bulletin CTX116310
Citrix
Citrix Security Bulletin CTX116227
Citrix
Citrix Security Bulletin CTX114487
Citrix
Citrix Security Bulletin CTX117751