CVE-2006-4390

Description

CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the sites identity cannot be trusted.

Risk Information

Base Score

8.2

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

EPSS Score

Exploitation Probability

0.277

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234