PT-2008-2597 · Apple · Macos X

Published

2008-03-18

Updated

2017-08-08

CVE-2008-0995

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apple Mac OS X version 10.5.2

Description The issue concerns the Printing component in Apple Mac OS X, which uses 40-bit RC4 when printing to an encrypted PDF file. This makes it easier for attackers to decrypt the file via brute force methods.

Recommendations For Apple Mac OS X version 10.5.2, consider using alternative encryption methods or updating the Printing component to use stronger encryption until a patch is available. As a temporary workaround, avoid printing sensitive information to encrypted PDF files using the affected Printing component.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2008-0995

Affected Products

Macos X

PT-2008-2597 · Apple · Macos X

CVE-2008-0995

Weakness Enumeration

Related Identifiers

Affected Products

References · 10