Apple · Cfnetwork · CVE-2009-1723
Name of the Vulnerable Software and Affected Versions:
Apple Mac OS X versions prior to 10.5.8
Description:
The issue allows remote attackers to trick a user into visiting an arbitrary https web site by leveraging an open redirect vulnerability in certain 302 redirection scenarios. This occurs because CFNetwork places an incorrect URL in a certificate warning.
Recommendations:
For Apple Mac OS X versions prior to 10.5.8, update to version 10.5.8 or later to resolve the issue.