1 results (0.001 seconds)
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2010-1802
https://notcve.org/view.php?id=CVE-2010-1802
25 Aug 2010 — libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com. libsecurity en Apple Mac OS X v10.5.8 y v10.6.4 no realizad de forma adecuada la comparación entre las cadenas de nombre de dominio en los certificados X.509, lo que permite ataqu... • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html • CWE-287: Improper Authentication •