CVE-2010-1800

2010-08-2519:00:00

apple

www.cve.org

apple mac os x

cfnetwork

ssl/tls

man-in-the-middle

vulnerability

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

44.2%

JSON

CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.

References

lists.apple.com/archives/security-announce/2010//Aug/msg00003.html

securitytracker.com/id?1024359

support.apple.com/kb/HT4312