CVE-2006-4390

2006-10-0220:00:00

mitre

www.cve.org

AI Score

6.1

Confidence

Low

EPSS

0.005

Percentile

76.6%

JSON

CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site’s identity cannot be trusted.

References

lists.apple.com/archives/security-announce/2006/Sep/msg00002.html

secunia.com/advisories/22187

securitytracker.com/id?1016952

www.osvdb.org/29267

www.securityfocus.com/bid/20271

www.vupen.com/english/advisories/2006/3852

exchange.xforce.ibmcloud.com/vulnerabilities/29277