Back to search
CVE-2009-1723
Published: Aug 6, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL in a certificate warning in certain 302 redirection scenarios, which makes it easier for remote attackers to trick a user into visiting an arbitrary https web site by leveraging an open redirect vulnerability, a different issue than CVE-2009-2062.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://support.apple.com/kb/HT3757
x_refsource_CONFIRM
http://support.apple.com/kb/HT4225
x_refsource_CONFIRM
36096
third-party-advisory
x_refsource_SECUNIA
macosx-cfnetwork-weak-security(52418)
vdb-entry
x_refsource_XF
APPLE-SA-2009-08-05-1
vendor-advisory
x_refsource_APPLE
35954
vdb-entry
x_refsource_BID
56846
vdb-entry
x_refsource_OSVDB
ADV-2009-2172
vdb-entry
x_refsource_VUPEN
APPLE-SA-2010-06-21-1
vendor-advisory
x_refsource_APPLE
TA09-218A
third-party-advisory
x_refsource_CERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now