Apple · Cfnetwork · CVE-2007-4680
Name of the Vulnerable Software and Affected Versions:
Apple Mac OS X versions 10.3.9 through 10.4.10
Description:
The issue allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack due to improper validation of certificates by CFNetwork.
Recommendations:
For Apple Mac OS X versions 10.3.9 through 10.4.10, update to a version that properly validates certificates to prevent man-in-the-middle attacks.