![]() When accessing a maliciously crafted URL, CFNetwork could send the request to an incorrect origin server. Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive informationĭescription: An issue existed in CFNetwork's handling of malformed URLs. Impact: Opening a maliciously crafted font in Font Book may lead to an unexpected application termination or arbitrary code executionĭescription: A memory management issue existed in ATS' handling of data-font files when opened by Font Book.ĬVE-2011-3446 : Will Dormann of the CERT/CC This issue is addressed by providing a configuration parameter to control the countermeasure and enabling it by default. Apache disabled the 'empty fragment' countermeasure which prevented these attacks. Impact: An attacker may be able to decrypt data protected by SSLĭescription: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Further information is available via the Apache web site at Impact: Multiple vulnerabilities in Apacheĭescription: Apache is updated to version 2.2.21 to address several vulnerabilities, the most serious of which may lead to a denial of service. This issue is addressed by not downgrading to an unencrypted connection without user approval.ĬVE-2011-3444 : Bernard Desruisseaux of Oracle CorporationĪvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 An attacker in a privileged network position could abuse this behavior to intercept CardDAV data. A downgrade issue caused Address Book to attempt an unencrypted connection if an encrypted connection failed. ![]() ![]() Impact: An attacker in a privileged network position may intercept CardDAV dataĭescription: Address Book supports Secure Sockets Layer (SSL) for accessing CardDAV. Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |