CVE-2007-6592
Apple Safari 2 accepts a certificate if the CN matches the requested domain and also treats SAN:dNSName entries as valid for the same certificate, enabling a spoofed site to trick a user into accepting an invalid certificate. Root cause involves how certificate trust is evaluated across CN and SA...