CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the sites identity cannot be trusted.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mac_os_x | Apple | 10.3.9 (including) | 10.3.9 (including) |
Mac_os_x | Apple | 10.4 (including) | 10.4 (including) |
Mac_os_x | Apple | 10.4.1 (including) | 10.4.1 (including) |
Mac_os_x | Apple | 10.4.2 (including) | 10.4.2 (including) |
Mac_os_x | Apple | 10.4.3 (including) | 10.4.3 (including) |
Mac_os_x | Apple | 10.4.4 (including) | 10.4.4 (including) |
Mac_os_x | Apple | 10.4.5 (including) | 10.4.5 (including) |
Mac_os_x | Apple | 10.4.6 (including) | 10.4.6 (including) |
Mac_os_x | Apple | 10.4.7 (including) | 10.4.7 (including) |