CVE-2014-2234
CVE-2014-2234 concerns an Apple OpenSSL patch on OS X 10.9.2 and earlier where a Trust Evaluation Agent (TEA) feature does not terminate certain TLS/SSL handshakes as documented in SSL_CTX_set_verify. This allows remote attackers to bypass extra verification in a custom application by presenting ...