CVE Reference: CVE-2010-1377

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-1377

Description:
Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an unencrypted connection upon certain SSL failures, which allows man-in-the-middle attackers to spoof arbitrary network account servers, and possibly execute arbitrary code, via unspecified vectors.

CVE Status:
Candidate

References:

ST
  1024103

SAID
  Secunia Advisory: SA40220

CONFIRM
  http://support.apple.com/kb/HT4188

BID
  40871

APPLE
  http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html


Return to the previous page.