PT-2010-2283 · Apple · Mail+1
Paul Suh
·
Published
2010-03-30
·
Updated
2010-06-21
·
CVE-2010-0525
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Mail in Apple Mac OS X versions prior to 10.6.3
Description
The issue is related to the improper enforcement of the key usage extension during the processing of a keychain that specifies multiple certificates for an e-mail recipient. This might make it easier for remote attackers to obtain sensitive information via a brute-force attack on a weakly encrypted e-mail message.
Recommendations
For Mail in Apple Mac OS X versions prior to 10.6.3, update to version 10.6.3 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Macos X
Mail