Mac OS X SSL/TLS Authentication Vulnerability

Last Update Date: 25 Feb 2014 Release Date: 24 Feb 2014 3981 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Mac OS

TYPE: Mac OS

A vulnerability has been identified in Mac OS X, which can be exploited by remote user can decrypt SSL/TLS sessions in certain cases.

A remote user with the ability to conduct a man-in-the-middle attack can exploit a connection authentication flaw in the Secure Transport component to decrypt and modify SSL/TLS sessions.

 

Applications that use NSS (e.g., Chrome, Firefox) are not affected.

 

Note: Vulnerability has no patch available.

Impact

  • Information Disclosure

System / Technologies affected

  • Mac OS 10.9 and 10.9.1

Solutions

  • Vulnerability has no patch available.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Google Chrome Multiple Vulnerabilities

24 Feb 2014 3897 Views

Next

libpng Denial-Of-Service Vulnerability

26 Feb 2014 3779 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY