Vulnerabilities > Apple > Cfnetwork
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-07-21 | CVE-2011-0214 | Cryptographic Issues vulnerability in Apple Cfnetwork and Safari CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority. | 5.0 |
2011-07-21 | CVE-2010-1420 | Cross-Site Scripting vulnerability in Apple Cfnetwork and Safari Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file. | 4.3 |
2011-07-21 | CVE-2010-1383 | Credentials Management vulnerability in Apple Cfnetwork and Safari CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue. | 9.3 |
2010-08-25 | CVE-2010-1800 | Information Exposure vulnerability in Apple Cfnetwork, mac OS X and mac OS X Server CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses. | 5.0 |
2007-08-03 | CVE-2007-2403 | Multiple Security vulnerability in Apple Mac OS X 2007-007 CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. network apple | 6.8 |