CVE Vulnerabilities

CVE-2011-3444

Published: Feb 02, 2012 | Modified: Feb 06, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network.

Affected Software

Name Vendor Start Version End Version
Mac_os_x_server Apple * 10.7.2
Mac_os_x_server Apple 10.7.1 10.7.1
Mac_os_x_server Apple 10.7.0 10.7.0
Mac_os_x Apple 10.7.0 10.7.0
Mac_os_x Apple * 10.7.2
Mac_os_x Apple 10.7.1 10.7.1

References