PT-2011-4451 · Apple · Tv+1

Publicado

2011-10-14

Atualizado

2017-08-29

CVE-2011-3427

CVSS v2.0

2.6

Baixa

Vetor

AV:N/AC:H/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 5 Apple TV versions prior to 4.4

Description The issue concerns the improper restriction of the MD5 hash algorithm within X.509 certificates in the Data Security component. This makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.

Recommendations For Apple iOS versions prior to 5, update to version 5 or later to resolve the issue. For Apple TV versions prior to 4.4, update to version 4.4 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2011-3427

Produtos afetados

Ios

PT-2011-4451 · Apple · Tv+1

CVE-2011-3427

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8