Lucene search

K
cveMitreCVE-2009-2825
HistoryNov 10, 2009 - 7:30 p.m.

CVE-2009-2825

2009-11-1019:30:01
CWE-310
mitre
web.nvd.nist.gov
40
certificate assistant
apple
mac os x
cve-2009-2825
ssl
x.509
man-in-the-middle
certificate
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

65.2%

Certificate Assistant in Apple Mac OS X before 10.6.2 does not properly handle a ‘\0’ character in a domain name in the subject’s Common Name (CN) field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Affected configurations

Nvd
Node
applemac_os_xRange10.6.1
OR
applemac_os_xMatch10.0
OR
applemac_os_xMatch10.0.0
OR
applemac_os_xMatch10.0.1
OR
applemac_os_xMatch10.0.2
OR
applemac_os_xMatch10.0.3
OR
applemac_os_xMatch10.0.4
OR
applemac_os_xMatch10.1
OR
applemac_os_xMatch10.1.0
OR
applemac_os_xMatch10.1.1
OR
applemac_os_xMatch10.1.2
OR
applemac_os_xMatch10.1.3
OR
applemac_os_xMatch10.1.4
OR
applemac_os_xMatch10.1.5
OR
applemac_os_xMatch10.2
OR
applemac_os_xMatch10.2.0
OR
applemac_os_xMatch10.2.1
OR
applemac_os_xMatch10.2.2
OR
applemac_os_xMatch10.2.3
OR
applemac_os_xMatch10.2.4
OR
applemac_os_xMatch10.2.5
OR
applemac_os_xMatch10.2.6
OR
applemac_os_xMatch10.2.7
OR
applemac_os_xMatch10.2.8
OR
applemac_os_xMatch10.3
OR
applemac_os_xMatch10.3.0
OR
applemac_os_xMatch10.3.1
OR
applemac_os_xMatch10.3.2
OR
applemac_os_xMatch10.3.3
OR
applemac_os_xMatch10.3.4
OR
applemac_os_xMatch10.3.5
OR
applemac_os_xMatch10.3.6
OR
applemac_os_xMatch10.3.7
OR
applemac_os_xMatch10.3.8
OR
applemac_os_xMatch10.3.9
OR
applemac_os_xMatch10.4
OR
applemac_os_xMatch10.4.0
OR
applemac_os_xMatch10.4.1
OR
applemac_os_xMatch10.4.2
OR
applemac_os_xMatch10.4.3
OR
applemac_os_xMatch10.4.4
OR
applemac_os_xMatch10.4.5
OR
applemac_os_xMatch10.4.6
OR
applemac_os_xMatch10.4.7
OR
applemac_os_xMatch10.4.8
OR
applemac_os_xMatch10.4.9
OR
applemac_os_xMatch10.4.10
OR
applemac_os_xMatch10.4.11
OR
applemac_os_xMatch10.5
OR
applemac_os_xMatch10.5.0
OR
applemac_os_xMatch10.5.1
OR
applemac_os_xMatch10.5.2
OR
applemac_os_xMatch10.5.3
OR
applemac_os_xMatch10.5.4
OR
applemac_os_xMatch10.5.5
OR
applemac_os_xMatch10.5.6
OR
applemac_os_xMatch10.5.7
OR
applemac_os_xMatch10.5.8
OR
applemac_os_xMatch10.6
Node
applemac_os_x_serverRange10.6.1
OR
applemac_os_x_serverMatch10.0
OR
applemac_os_x_serverMatch10.0.0
OR
applemac_os_x_serverMatch10.0.1
OR
applemac_os_x_serverMatch10.0.2
OR
applemac_os_x_serverMatch10.0.3
OR
applemac_os_x_serverMatch10.0.4
OR
applemac_os_x_serverMatch10.1
OR
applemac_os_x_serverMatch10.1.0
OR
applemac_os_x_serverMatch10.1.1
OR
applemac_os_x_serverMatch10.1.2
OR
applemac_os_x_serverMatch10.1.3
OR
applemac_os_x_serverMatch10.1.4
OR
applemac_os_x_serverMatch10.1.5
OR
applemac_os_x_serverMatch10.2
OR
applemac_os_x_serverMatch10.2.0
OR
applemac_os_x_serverMatch10.2.1
OR
applemac_os_x_serverMatch10.2.2
OR
applemac_os_x_serverMatch10.2.3
OR
applemac_os_x_serverMatch10.2.4
OR
applemac_os_x_serverMatch10.2.5
OR
applemac_os_x_serverMatch10.2.6
OR
applemac_os_x_serverMatch10.2.7
OR
applemac_os_x_serverMatch10.2.8
OR
applemac_os_x_serverMatch10.3
OR
applemac_os_x_serverMatch10.3.0
OR
applemac_os_x_serverMatch10.3.1
OR
applemac_os_x_serverMatch10.3.2
OR
applemac_os_x_serverMatch10.3.3
OR
applemac_os_x_serverMatch10.3.4
OR
applemac_os_x_serverMatch10.3.5
OR
applemac_os_x_serverMatch10.3.6
OR
applemac_os_x_serverMatch10.3.7
OR
applemac_os_x_serverMatch10.3.8
OR
applemac_os_x_serverMatch10.3.9
OR
applemac_os_x_serverMatch10.4
OR
applemac_os_x_serverMatch10.4.0
OR
applemac_os_x_serverMatch10.4.1
OR
applemac_os_x_serverMatch10.4.2
OR
applemac_os_x_serverMatch10.4.3
OR
applemac_os_x_serverMatch10.4.4
OR
applemac_os_x_serverMatch10.4.5
OR
applemac_os_x_serverMatch10.4.6
OR
applemac_os_x_serverMatch10.4.7
OR
applemac_os_x_serverMatch10.4.8
OR
applemac_os_x_serverMatch10.4.9
OR
applemac_os_x_serverMatch10.4.10
OR
applemac_os_x_serverMatch10.4.11
OR
applemac_os_x_serverMatch10.5
OR
applemac_os_x_serverMatch10.5.0
OR
applemac_os_x_serverMatch10.5.1
OR
applemac_os_x_serverMatch10.5.2
OR
applemac_os_x_serverMatch10.5.3
OR
applemac_os_x_serverMatch10.5.4
OR
applemac_os_x_serverMatch10.5.5
OR
applemac_os_x_serverMatch10.5.6
OR
applemac_os_x_serverMatch10.5.7
OR
applemac_os_x_serverMatch10.5.8
OR
applemac_os_x_serverMatch10.6
VendorProductVersionCPE
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
applemac_os_x10.0cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*
applemac_os_x10.0.0cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*
applemac_os_x10.0.1cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*
applemac_os_x10.0.2cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*
applemac_os_x10.0.3cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*
applemac_os_x10.0.4cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*
applemac_os_x10.1cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
applemac_os_x10.1.0cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*
applemac_os_x10.1.1cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 1181

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

65.2%