CVE-2011-3213

Name of the Vulnerable Software and Affected Versions Mac OS X versions prior to 10.7.2

Description The issue arises from the File Systems component not properly tracking the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection. This allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection.

Recommendations For Mac OS X versions prior to 10.7.2, update to version 10.7.2 or later to resolve the issue.