5
CVE-2010-0525
- EPSS 0.13%
- Veröffentlicht 30.03.2010 18:30:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
LoginMail in Apple Mac OS X before 10.6.3 does not properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient, which might make it easier for remote attackers to obtain sensitive information via a brute-force attack on a weakly encrypted e-mail message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Apple ≫ macOS X Server Version <= 10.6.2
Apple ≫ macOS X Server Version10.5.0
Apple ≫ macOS X Server Version10.5.1
Apple ≫ macOS X Server Version10.5.2
Apple ≫ macOS X Server Version10.5.3
Apple ≫ macOS X Server Version10.5.4
Apple ≫ macOS X Server Version10.5.5
Apple ≫ macOS X Server Version10.5.6
Apple ≫ macOS X Server Version10.5.7
Apple ≫ macOS X Server Version10.5.8
Apple ≫ macOS X Server Version10.6.0
Apple ≫ macOS X Server Version10.6.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.288 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|