PT-2006-5194 · Apple · Safari+1

Adam Bryzak

Published

2006-10-02

Updated

2017-07-20

CVE-2006-4390

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Apple Mac OS X versions 10.3.9 through 10.4.7

Description The issue allows remote SSL sites to appear as trusted sites by using encryption without authentication. This can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted.

Recommendations For Apple Mac OS X versions 10.3.9 through 10.4.7, update to a version that includes a fix for this issue to ensure proper authentication of SSL sites.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4390

Affected Products

Macos X

Safari

PT-2006-5194 · Apple · Safari+1

CVE-2006-4390

Related Identifiers

Affected Products

References · 8