PT-2009-4197 · Apple · Cfnetwork+1

Jason Mueller

Published

2009-08-06

Updated

2017-08-17

CVE-2009-1723

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Apple Mac OS X versions prior to 10.5.8

Description: The issue allows remote attackers to trick a user into visiting an arbitrary https web site by leveraging an open redirect vulnerability in certain 302 redirection scenarios. This occurs because CFNetwork places an incorrect URL in a certificate warning.

Recommendations: For Apple Mac OS X versions prior to 10.5.8, update to version 10.5.8 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-1723

Affected Products

Cfnetwork

Macos X

PT-2009-4197 · Apple · Cfnetwork+1

CVE-2009-1723

Related Identifiers

Affected Products

References · 11