Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Mac OS X Certificate Trust Policy EV证书安全限制绕过漏洞
Vulnerability Description
Apple Mac OS X是美国苹果(Apple)公司为Mac计算机所开发的一套专用操作系统。 Apple Mac OS X 10.6.8之前版本中的Certificate Trust Policy组件不能对缺乏OCSP URL的扩展验证(EV)证书执行CRL检查。中间人攻击者可借助废弃的证书欺骗SSL服务器。
CVSS Information
N/A
Vulnerability Type
N/A