FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Filemaker_pro | Filemaker | * | 11.0.4.0 (including) |
| Filemaker_pro | Filemaker | 8.0.1.0 (including) | 8.0.1.0 (including) |
| Filemaker_pro | Filemaker | 8.0.2.0 (including) | 8.0.2.0 (including) |
| Filemaker_pro | Filemaker | 8.0.3.0 (including) | 8.0.3.0 (including) |
| Filemaker_pro | Filemaker | 8.5.0.0 (including) | 8.5.0.0 (including) |
| Filemaker_pro | Filemaker | 8.5.1.0 (including) | 8.5.1.0 (including) |
| Filemaker_pro | Filemaker | 8.5.2.0 (including) | 8.5.2.0 (including) |
| Filemaker_pro | Filemaker | 9.0.0.0 (including) | 9.0.0.0 (including) |
| Filemaker_pro | Filemaker | 9.0.1.0 (including) | 9.0.1.0 (including) |
| Filemaker_pro | Filemaker | 9.0.2.0 (including) | 9.0.2.0 (including) |
| Filemaker_pro | Filemaker | 9.0.3.0 (including) | 9.0.3.0 (including) |
| Filemaker_pro | Filemaker | 10.0.0.0 (including) | 10.0.0.0 (including) |
| Filemaker_pro | Filemaker | 10.0.1.0 (including) | 10.0.1.0 (including) |
| Filemaker_pro | Filemaker | 10.0.3.0 (including) | 10.0.3.0 (including) |
| Filemaker_pro | Filemaker | 11.0.0.0 (including) | 11.0.0.0 (including) |
| Filemaker_pro | Filemaker | 11.0.1.0 (including) | 11.0.1.0 (including) |
| Filemaker_pro | Filemaker | 11.0.2.0 (including) | 11.0.2.0 (including) |
| Filemaker_pro | Filemaker | 11.0.3.0 (including) | 11.0.3.0 (including) |