CVE Vulnerabilities

CVE-2010-0525

Published: Mar 30, 2010 | Modified: Jun 21, 2010
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient, which might make it easier for remote attackers to obtain sensitive information via a brute-force attack on a weakly encrypted e-mail message.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple 10.5.8 10.5.8
Mac_os_x_server Apple 10.5.2 10.5.2
Mac_os_x Apple 10.5.6 10.5.6
Mac_os_x_server Apple 10.5.8 10.5.8
Mac_os_x Apple 10.5.5 10.5.5
Mac_os_x_server Apple 10.5.5 10.5.5
Mac_os_x Apple 10.5.1 10.5.1
Mac_os_x_server Apple 10.5.1 10.5.1
Mac_os_x_server Apple 10.5.6 10.5.6
Mac_os_x Apple 10.5.3 10.5.3
Mac_os_x Apple 10.5.0 10.5.0
Mac_os_x_server Apple 10.5.0 10.5.0
Mac_os_x_server Apple 10.5.3 10.5.3
Mac_os_x_server Apple 10.5.4 10.5.4
Mac_os_x Apple 10.5.2 10.5.2
Mac_os_x_server Apple 10.5.7 10.5.7
Mac_os_x_server Apple 10.6.1 10.6.1
Mac_os_x Apple * 10.6.2
Mac_os_x Apple 10.6.1 10.6.1
Mac_os_x_server Apple 10.6.0 10.6.0
Mac_os_x Apple 10.6.0 10.6.0
Mac_os_x Apple 10.5.7 10.5.7
Mac_os_x_server Apple * 10.6.2
Mac_os_x Apple 10.5.4 10.5.4

References