Apple Products SSLVerifySignedServerKeyExchange Security Feature Bypass (CVE-2014-1266)
There exists a security feature bypass vulnerability in Apple products. The vulnerability is due to the SSLVerifySignedServerKeyExchange function in the Secure Transport feature not checking the signature in a TLS Server Key Exchange message. This vulnerability allows man-in-the-middle attackers ...