CVE Vulnerabilities

CVE-2009-1682

Published: Jun 10, 2009 | Modified: Jun 19, 2009
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Apple Safari before 4.0 does not properly check for revoked Extended Validation (EV) certificates, which makes it easier for remote attackers to trick a user into accepting an invalid certificate.

Affected Software

Name Vendor Start Version End Version
Safari Apple 3.1.2 3.1.2
Safari Apple 3.2.1 3.2.1
Safari Apple 0.9 0.9
Safari Apple 1.3.2 1.3.2
Safari Apple 1.2 1.2
Safari Apple 3.0.4 3.0.4
Safari Apple 3.0.3 3.0.3
Safari Apple 1.3.1 1.3.1
Safari Apple 2.0.4 2.0.4
Safari Apple 3.0 3.0
Safari Apple 3.2.3 3.2.3
Safari Apple 1.1 1.1
Safari Apple * 4.0_beta
Safari Apple 3.1 3.1
Safari Apple 2.0 2.0
Safari Apple 3.0.2 3.0.2
Safari Apple 1.0.3 1.0.3
Safari Apple 1.0 1.0
Safari Apple 2.0.2 2.0.2
Safari Apple 3.1.1 3.1.1
Safari Apple 1.3 1.3
Safari Apple 0.8 0.8

References