2.6
CVE-2006-4390
- EPSS 0.74%
- Veröffentlicht 03.10.2006 04:02:00
- Zuletzt bearbeitet 16.06.2026 22:29:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.74% | 0.498 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
http://secunia.com/advisories/22187
http://www.vupen.com/english/advisories/2006/3852
http://www.securityfocus.com/bid/20271
http://securitytracker.com/id?1016952
http://www.osvdb.org/29267
https://exchange.xforce.ibmcloud.com/vulnerabilities/29277