Apple · Libsecurity · CVE-2011-3227
**Name of the Vulnerable Software and Affected Versions**
libsecurity in Apple Mac OS X versions prior to 10.7.2
**Description**
libsecurity does not properly handle errors while processing a nonstandard extension in a Certificate Revocation List (CRL). Remote attackers can exploit this through a crafted web site or e-mail message, potentially leading to the execution of arbitrary code or to a denial of service (application crash).
**Recommendations**
For Mac OS X versions prior to 10.7.2, update to version 10.7.2 or later to resolve the issue.