Man in the middle attack vulnerability in OpenSSL in Apple Mac OS XID: oval:org.secpod.oval:def:14154 | Date: (C)2013-06-12 (M)2023-12-07 |
Class: VULNERABILITY | Family: macos |
The host is installed with OS X Lion 10.7 through 10.7.5, OS X Lion Server 10.7 through 10.7.5, OS X Mountain Lion 10.8 through 10.8.3, Apple Mac OS X Server 10.6.8 or Apple Mac OS X 10.6.8 and is prone to man in the middle attack vulnerability. A flaw is present in the application, which can encrypt compressed data without properly obfuscating the length of the unencrypted data. Successful exploitation could allow an attacker to execute arbitrary code.
Platform: |
Apple Mac OS X 10.6 |
Apple Mac OS X Server 10.6 |
Apple Mac OS X 10.7 |
Apple Mac OS X Server 10.7 |
Apple Mac OS X 10.8 |
Apple Mac OS X Server 10.8 |