CVE Vulnerabilities

CVE-2009-1682

Published: Jun 10, 2009 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate.

Affected Software

Name Vendor Start Version End Version
Safari Apple * 4.0_beta (including)
Safari Apple 0.8 (including) 0.8 (including)
Safari Apple 0.9 (including) 0.9 (including)
Safari Apple 1.0 (including) 1.0 (including)
Safari Apple 1.0.3 (including) 1.0.3 (including)
Safari Apple 1.1 (including) 1.1 (including)
Safari Apple 1.2 (including) 1.2 (including)
Safari Apple 1.3 (including) 1.3 (including)
Safari Apple 1.3.1 (including) 1.3.1 (including)
Safari Apple 1.3.2 (including) 1.3.2 (including)
Safari Apple 2.0 (including) 2.0 (including)
Safari Apple 2.0.2 (including) 2.0.2 (including)
Safari Apple 2.0.4 (including) 2.0.4 (including)
Safari Apple 3.0 (including) 3.0 (including)
Safari Apple 3.0.2 (including) 3.0.2 (including)
Safari Apple 3.0.3 (including) 3.0.3 (including)
Safari Apple 3.0.4 (including) 3.0.4 (including)
Safari Apple 3.1 (including) 3.1 (including)
Safari Apple 3.1.1 (including) 3.1.1 (including)
Safari Apple 3.1.2 (including) 3.1.2 (including)
Safari Apple 3.2.1 (including) 3.2.1 (including)
Safari Apple 3.2.3 (including) 3.2.3 (including)

References