Cfnetwork Security Vulnerabilities and Issues — Cfnetwork CVE List

Lucene search

AppleCfnetwork

5 matches found

CVE•added 2011/07/21 11:55 p.m.•58 views

CVE-2010-1383

CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.

9.3CVSS8.5AI score0.0083EPSS

CVE•added 2011/07/21 11:55 p.m.•47 views

CVE-2010-1420

Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.

4.3CVSS6.4AI score0.00239EPSS

CVE•added 2011/07/21 11:55 p.m.•44 views

CVE-2011-0214

CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority.

5CVSS7.8AI score0.00137EPSS

CVE•added 2007/08/03 10:17 a.m.•43 views

CVE-2007-2403

CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers.

6.8CVSS6.6AI score0.00973EPSS

CVE•added 2010/08/25 8:0 p.m.•37 views

CVE-2010-1800

CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.

5CVSS7.8AI score0.00297EPSS