|
|
CVE Reference: CVE-2008-1580 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-1580 |
|
|
Description: CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifiable certificates, and use arbitrary certificates to track user activities across domains, a related issue to CVE-2007-4879. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/42708 ST 1020134 SAID Secunia Advisory: SA30430 CERT http://www.us-cert.gov/cas/techalerts/TA08-150A.html BID 29412 29493 APPLE http://lists.apple.com/archives/security-announce/2008//May/msg00001.html |
|
| Return to the previous page. |
