Back to search
CVE-2010-1802
Published: Aug 25, 2010
Modified: Sep 16, 2024
PUBLISHED
Description
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1024359
vdb-entry
x_refsource_SECTRACK
APPLE-SA-2010-08-24-1
vendor-advisory
x_refsource_APPLE
http://support.apple.com/kb/HT4312
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now