Apple CFNetwork

CPE Details

Apple CFNetwork
-
2007-08-23
19h05 +00:00
2007-09-14
15h36 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:apple:cfnetwork:-:*:*:*:*:*:*:*

Informations

Vendor

apple

Product

cfnetwork

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2010-1383 2011-07-21 23h00 +00:00 CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.
9.3
CVE-2010-1420 2011-07-21 23h00 +00:00 Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.
4.3
CVE-2011-0214 2011-07-21 23h00 +00:00 CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority.
5
CVE-2010-1800 2010-08-25 19h00 +00:00 CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.
5
CVE-2007-2403 2007-08-03 08h00 +00:00 CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers.
6.8