[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Information disclosure vulnerability in Address Book in Apple Mac OS X

ID: oval:org.secpod.oval:def:3898Date: (C)2012-02-08   (M)2023-12-07
Class: VULNERABILITYFamily: macos




The host is installed with Apple Mac OS X 10.7.x before 10.7.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which automatically switches it to unencrypted sessions upon failure of encrypted connections. Successful exploitation could allow attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network.

Platform:
Apple Mac OS X 10.7
Apple Mac OS X Server 10.7
Reference:
CVE-2011-3444
CVE    1
CVE-2011-3444
CPE    8
cpe:/o:apple:mac_os_x
cpe:/o:apple:mac_os_x_server:10.7.2
cpe:/o:apple:mac_os_x_server:10.7.1
cpe:/o:apple:mac_os_x:10.7.2
...

© SecPod Technologies